Mageia 2022-0035: mysql-connector-c++ security update
Summary
Buffer overflow due to inccorect calculation in EVP_PKEY_decrypt.
(CVE-2021-3711)
Denial of Service attack due to possible non-zero terminated strings.
(CVE-2021-3712)
References
- https://bugs.mageia.org/show_bug.cgi?id=29923
- https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
Resolution
MGASA-2022-0035 - Updated mysql-connector-c++ packages fix security vulnerability
SRPMS
- 8/core/mysql-connector-c++-8.0.28-1.mga8