Mageia 2021-0402: mariadb security update
Summary
Updated mariadb packages fix security vulnerabilities:
A security issue has been found in the InnoDB component of MariaDB
before version 10.6.4. A difficult to exploit vulnerability allows a
high privileged attacker with network access via multiple protocols to
compromise the MariaDB server. Successful attacks of this vulnerability
can result in the unauthorized ability to cause a hang or frequently
repeatable crash (complete denial of service) of the MariaDB server
(CVE-2021-2372).
A security issue has been found in the InnoDB component of MariaDB
before version 10.6.4. A difficult to exploit vulnerability allows an
unauthenticated attacker with network access via multiple protocols to
compromise the MariaDB server. Successful attacks of this vulnerability
can result in the unauthorized ability to cause a hang or frequently
repeatable crash (complete denial of service) of the MariaDB server
(CVE-2021-2389).
References
- https://bugs.mageia.org/show_bug.cgi?id=29338
- https://mariadb.com/kb/en/mariadb-10512-release-notes/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2372
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2389
Resolution
MGASA-2021-0402 - Updated mariadb packages fix security vulnerabilities
SRPMS
- 8/core/mariadb-10.5.12-1.mga8