ALSA-2021:1242

See a problem?
Please try reporting it to the source first.
Source
https://errata.almalinux.org/8/ALSA-2021-1242.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1242.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2021:1242
Related
Published
2021-04-19T00:00:00Z
Modified
2023-03-13T16:34:13Z
Summary
Important: mariadb:10.3 and mariadb-devel:10.3 security update
Details

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32). Security Fix(es): * mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:8 / Judy

Package

Name
Judy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.5-18.module_el8.6.0+2867+72759d2f

AlmaLinux:8 / Judy

Package

Name
Judy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.5-18.module_el8.3.0+2028+5e3224e9

AlmaLinux:8 / Judy

Package

Name
Judy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.5-18.module_el8.5.0+2632+14ced695

AlmaLinux:8 / Judy

Package

Name
Judy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.5-18.module_el8.6.0+2761+593e5e59

AlmaLinux:8 / Judy-devel

Package

Name
Judy-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.5-18.module_el8.6.0+3072+3c630e87

AlmaLinux:8 / Judy-devel

Package

Name
Judy-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.5-18.module_el8.6.0+2867+72759d2f

AlmaLinux:8 / Judy-devel

Package

Name
Judy-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.5-18.module_el8.3.0+2028+5e3224e9

AlmaLinux:8 / asio-devel

Package

Name
asio-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.10.8-7.module_el8.6.0+2867+72759d2f

AlmaLinux:8 / asio-devel

Package

Name
asio-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.10.8-7.module_el8.6.0+3072+3c630e87

AlmaLinux:8 / galera

Package

Name
galera

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25.3.32-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb

Package

Name
mariadb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-backup

Package

Name
mariadb-backup

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-common

Package

Name
mariadb-common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-devel

Package

Name
mariadb-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-embedded

Package

Name
mariadb-embedded

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-embedded-devel

Package

Name
mariadb-embedded-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-errmsg

Package

Name
mariadb-errmsg

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-gssapi-server

Package

Name
mariadb-gssapi-server

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-oqgraph-engine

Package

Name
mariadb-oqgraph-engine

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-server

Package

Name
mariadb-server

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-server-galera

Package

Name
mariadb-server-galera

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-server-utils

Package

Name
mariadb-server-utils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a

AlmaLinux:8 / mariadb-test

Package

Name
mariadb-test

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3:10.3.28-1.module_el8.3.0+2177+7adc332a