RHSA-2020:5500-01 -- Redhat Judy, galera, mariadbID: oval:org.secpod.oval:def:69627 | Date: (C)2021-03-05 (M)2023-11-13 |
Class: PATCH | Family: unix |
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb , galera . Security Fix: * mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep * mysql: InnoDB unspecified vulnerability * mysql: Server: Optimizer unspecified vulnerability * mysql: C API unspecified vulnerability * mysql: InnoDB unspecified vulnerability * mysql: Server: DML unspecified vulnerability * mysql: Server: Stored Procedure unspecified vulnerability * mysql: InnoDB unspecified vulnerability * mariadb-connector-c: Improper validation of content in a OK packet received from server * mysql: Server: FTS unspecified vulnerability * mysql: InnoDB unspecified vulnerability * mysql: Server: FTS unspecified vulnerability * mysql: Server: Locking unspecified vulnerability * mysql: C API unspecified vulnerability For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * FTBFS: -D_GLIBCXX_ASSERTIONS * Queries with entity_id IN run much slower in MariaDB 10.3 than on MariaDB 10.1 * Cleanup race with wsrep_rsync_sst_tunnel may prevent full galera cluster bootstrap * There are undeclared file conflicts in several mariadb and mysql packages
Product: |
Judy |
galera |
mariadb |