Thursday, January 25, 2024

[USN-6600-1] MariaDB vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsD5BAABCAAjFiEEcxdv4gCCE8W9nrt5a1+PL+d1/EgFAmWyragFAwAAAAAACgkQa1+PL+d1/Egx
GAwAt0gDxSz1MmRYC6Dsob1OlkuaxDRZFXdlMRwY86r5mJfsQQj233n79XCyXGvGHMVn9rJJXHrV
G4RroXKR3vLSwc3Sc3XZrqbTi6nxkMC5JCWgl1+olUXs7AW/ym3OV7qN7bjunwZSWfoirBJtrgH6
O9luTCzjBJ1F/inhTR+aEaVR38zwGXvvNRRxvKms6JDBG4H0EoNUG+yabQRFkkgz/0JQ4klzLN8Z
KfAdoHVDhLna8YJ872DaoGWC++Y+ei/mp8Fctm7tu0mfjRMymhcSDToA9dnyuLKeanptewhAkxrg
gqCbRd1X8BCr1K13VywxBvmTPsFHzg8dCMNdZB83A9xZ5/9ug18WkKgpTCzuO8EaRrwuExIdQizx
wtOv/fwxB+zCY9rwv3c9UVjw90EUXrMIqv5VAGyM/C2Hw1VVdnUz6o3n8YTIUngoeg7dwyb/Z/wp
qMsxKeAHm+G/L+QYYnwethqwjdkEEmOWxFExKi9Q/APZJC7Q8A2/f1NFmSRO
=H0qj
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-6600-1
January 25, 2024

mariadb, mariadb-10.3, mariadb-10.6 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in MariaDB.

Software Description:
- mariadb: MariaDB database
- mariadb-10.6: MariaDB database
- mariadb-10.3: MariaDB database

Details:

Several security issues were discovered in MariaDB and this update
includes new upstream MariaDB versions to fix these issues.

MariaDB has been updated to 10.3.39 in Ubuntu 20.04 LTS, 10.6.16
in Ubuntu 22.04 LTS and 10.11.6 in Ubuntu 23.10.

CVE-2022-47015 only affected the MariaDB packages in Ubuntu 20.04 LTS
and Ubuntu 22.04 LTS.

In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
  mariadb-server                  1:10.11.6-0ubuntu0.23.10.2

Ubuntu 22.04 LTS:
  mariadb-server                  1:10.6.16-0ubuntu0.22.04.1

Ubuntu 20.04 LTS:
  mariadb-server                  1:10.3.39-0ubuntu0.20.04.2

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-6600-1
  CVE-2022-47015, CVE-2023-22084

Package Information:
https://launchpad.net/ubuntu/+source/mariadb/1:10.11.6-0ubuntu0.23.10.2
https://launchpad.net/ubuntu/+source/mariadb-10.6/1:10.6.16-0ubuntu0.22.04.1
https://launchpad.net/ubuntu/+source/mariadb-10.3/1:10.3.39-0ubuntu0.20.04.2

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)