Описание
Security update for mariadb
This update for mariadb fixes the following issues:
Update to version 10.2.40 [bsc#1189320]:
- fixes for the following security vulnerabilities: CVE-2021-2372 and CVE-2021-2389
Список пакетов
openSUSE Leap 15.3
Ссылки
- E-Mail link for openSUSE-SU-2021:2835-1
- SUSE Security Ratings
- SUSE Bug 1189320
- SUSE CVE CVE-2021-2372 page
- SUSE CVE CVE-2021-2389 page
Описание
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Затронутые продукты
Ссылки
- CVE-2021-2372
- SUSE Bug 1188549
- SUSE Bug 1189320
- SUSE Bug 1199955
Описание
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
Затронутые продукты
Ссылки
- CVE-2021-2389
- SUSE Bug 1188549
- SUSE Bug 1189320
- SUSE Bug 1199955