Описание
Security update for mariadb
This update for mariadb fixes the following issues:
Update to version 10.11.14.
Security issues fixed:
- CVE-2025-30693: InnoDB issue allows high privileged attacker with network access to gain unauthorized update, insert or delete access to data and cause repeatable crash in MySQL server (bsc#1249213).
- CVE-2025-30722: mysqldump issue allows low privileged attacker with network access to gain unauthorized update, insert or delete access to data in MySQL Client (bsc#1249212).
- CVE-2023-52969: crash with empty backtrace log in MariaDB Server (bsc#1239150).
- CVE-2023-52970: crash in MariaDB Server when inserting from derived table containing insert target table (bsc#1239151).
- CVE-2023-52971: crash in the optimizer of MariaDB Server when processing certain queries with subqueries (bsc#1249219).
Release notes and changelog:
- https://mariadb.com/docs/release-notes/community-server/mariadb-10-11-series/mariadb-10.11.14-release-notes
- https://mariadb.com/docs/release-notes/community-server/changelogs/changelogs-mariadb-10-11-series/mariadb-10.11.14-changelog
- https://mariadb.com/kb/en/mariadb-10-11-13-release-notes/
- https://mariadb.com/kb/en/mariadb-10-11-13-changelog/
- https://mariadb.com/kb/en/mariadb-10-11-12-release-notes/
- https://mariadb.com/kb/en/mariadb-10-11-12-changelog/
Список пакетов
Container suse/mariadb-client:10.11
mariadb-client-10.11.14-150600.4.14.1
mariadb-errormessages-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Package Hub 15 SP6
mariadb-galera-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Server Applications 15 SP6
libmariadbd-devel-10.11.14-150600.4.14.1
libmariadbd19-10.11.14-150600.4.14.1
mariadb-10.11.14-150600.4.14.1
mariadb-client-10.11.14-150600.4.14.1
mariadb-errormessages-10.11.14-150600.4.14.1
mariadb-tools-10.11.14-150600.4.14.1
openSUSE Leap 15.6
libmariadbd-devel-10.11.14-150600.4.14.1
libmariadbd19-10.11.14-150600.4.14.1
mariadb-10.11.14-150600.4.14.1
mariadb-bench-10.11.14-150600.4.14.1
mariadb-client-10.11.14-150600.4.14.1
mariadb-errormessages-10.11.14-150600.4.14.1
mariadb-galera-10.11.14-150600.4.14.1
mariadb-rpm-macros-10.11.14-150600.4.14.1
mariadb-test-10.11.14-150600.4.14.1
mariadb-tools-10.11.14-150600.4.14.1
Ссылки
- Link for SUSE-SU-2025:03275-1
- E-Mail link for SUSE-SU-2025:03275-1
- SUSE Security Ratings
- SUSE Bug 1239150
- SUSE Bug 1239151
- SUSE Bug 1249212
- SUSE Bug 1249213
- SUSE Bug 1249219
- SUSE CVE CVE-2023-52969 page
- SUSE CVE CVE-2023-52970 page
- SUSE CVE CVE-2023-52971 page
- SUSE CVE CVE-2025-30693 page
- SUSE CVE CVE-2025-30722 page
Описание
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.
Затронутые продукты
Container suse/mariadb-client:10.11:mariadb-client-10.11.14-150600.4.14.1
Container suse/mariadb-client:10.11:mariadb-errormessages-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:mariadb-galera-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:libmariadbd-devel-10.11.14-150600.4.14.1
Ссылки
- CVE-2023-52969
- SUSE Bug 1239150
Описание
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
Затронутые продукты
Container suse/mariadb-client:10.11:mariadb-client-10.11.14-150600.4.14.1
Container suse/mariadb-client:10.11:mariadb-errormessages-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:mariadb-galera-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:libmariadbd-devel-10.11.14-150600.4.14.1
Ссылки
- CVE-2023-52970
- SUSE Bug 1239151
Описание
MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan.
Затронутые продукты
Container suse/mariadb-client:10.11:mariadb-client-10.11.14-150600.4.14.1
Container suse/mariadb-client:10.11:mariadb-errormessages-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:mariadb-galera-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:libmariadbd-devel-10.11.14-150600.4.14.1
Ссылки
- CVE-2023-52971
- SUSE Bug 1249219
Описание
unknown
Затронутые продукты
Container suse/mariadb-client:10.11:mariadb-client-10.11.14-150600.4.14.1
Container suse/mariadb-client:10.11:mariadb-errormessages-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:mariadb-galera-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:libmariadbd-devel-10.11.14-150600.4.14.1
Ссылки
- CVE-2025-30693
- SUSE Bug 1249213
Описание
unknown
Затронутые продукты
Container suse/mariadb-client:10.11:mariadb-client-10.11.14-150600.4.14.1
Container suse/mariadb-client:10.11:mariadb-errormessages-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:mariadb-galera-10.11.14-150600.4.14.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:libmariadbd-devel-10.11.14-150600.4.14.1
Ссылки
- CVE-2025-30722
- SUSE Bug 1249212