RLSA-2023:5259

Details

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

The following packages have been upgraded to a later upstream version: mariadb (10.3). (BZ#2223572, BZ#2223574, BZ#2223962, BZ#2223965)

Security Fix(es):

mariadb: segmentation fault via the component sub_select (CVE-2022-32084)
mariadb: server crash in JOIN_CACHE::free or in copy_fields (CVE-2022-32091)
mariadb: compress_write() fails to release mutex on failure (CVE-2022-38791)
mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() (CVE-2022-47015)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

[MariaDB 10.3.32] socat: E Failed to set SNI host "" (SST failure) (BZ#2223961)

Affected Packages

Rocky Linux:8Judy

Fixed in:

0:1.0.5-18.module+el8.10.0+1674+fa55eae9

Rocky Linux:8Judy

Fixed in:

0:1.0.5-18.module+el8.10.0+1925+356c22e8

Rocky Linux:8Judy

Fixed in:

0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1

Rocky Linux:8Judy

Fixed in:

0:1.0.5-18.module+el8.4.0+427+adf35707

Rocky Linux:8Judy

Fixed in:

0:1.0.5-18.module+el8.4.0+431+26aaed18

Rocky Linux:8galera

Fixed in:

0:25.3.37-1.module+el8.10.0+40062+b4bfe4b1

Rocky Linux:8galera

Fixed in:

0:25.3.37-1.module+el8.8.0+1452+2a7eab68

Rocky Linux:8mariadb

Fixed in:

3:10.3.39-1.module+el8.8.0+1452+2a7eab68

References

REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2106034 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2106042 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2130105 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2163609 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2240246 ADVISORYhttps://errata.rockylinux.org/RLSA-2023:5259

RLSA-2023:5259

Details

Affected Packages

References

CVSS Analysis

Upstream

Ecosystems

Credits

Timeline