Описание
Security update for xtrabackup
This update for xtrabackup fixes the following issues:
Update xtrabackup to version 2.4.26:
- CVE-2020-10997: Information exposure via cmd line output and table history (boo#1170644)
- CVE-2020-29488: Changes in how absolute paths are handled (boo#1205581)
Список пакетов
SUSE Package Hub 15 SP4
xtrabackup-2.4.26-bp154.2.3.1
xtrabackup-test-2.4.26-bp154.2.3.1
openSUSE Leap 15.4
xtrabackup-2.4.26-bp154.2.3.1
xtrabackup-test-2.4.26-bp154.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2022:10212-1
- SUSE Security Ratings
- SUSE Bug 1125418
- SUSE Bug 1135095
- SUSE Bug 1170644
- SUSE Bug 1205581
- SUSE CVE CVE-2020-10997 page
- SUSE CVE CVE-2020-29488 page
Описание
Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table.
Затронутые продукты
SUSE Package Hub 15 SP4:xtrabackup-2.4.26-bp154.2.3.1
SUSE Package Hub 15 SP4:xtrabackup-test-2.4.26-bp154.2.3.1
openSUSE Leap 15.4:xtrabackup-2.4.26-bp154.2.3.1
openSUSE Leap 15.4:xtrabackup-test-2.4.26-bp154.2.3.1
Ссылки
- CVE-2020-10997
- SUSE Bug 1170644
- SUSE Bug 1200484
Описание
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Затронутые продукты
SUSE Package Hub 15 SP4:xtrabackup-2.4.26-bp154.2.3.1
SUSE Package Hub 15 SP4:xtrabackup-test-2.4.26-bp154.2.3.1
openSUSE Leap 15.4:xtrabackup-2.4.26-bp154.2.3.1
openSUSE Leap 15.4:xtrabackup-test-2.4.26-bp154.2.3.1
Ссылки
- CVE-2020-29488
- SUSE Bug 1205581