RLSA-2019:3708

See a problem?
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2019:3708.json
JSON Data
https://api.osv.dev/v1/vulns/RLSA-2019:3708
Related
Published
2019-11-05T20:53:43Z
Modified
2023-02-02T13:00:00.634103Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Moderate: mariadb:10.3 security and bug fix update
Details

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

The following packages have been upgraded to a later upstream version: mariadb (10.3.17), galera (25.3.26). (BZ#1701687, BZ#1711265, BZ#1741358)

Security Fix(es):

  • mysql: InnoDB unspecified vulnerability (CPU Jan 2019) (CVE-2019-2510)

  • mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537)

  • mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) (CVE-2019-2614)

  • mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) (CVE-2019-2627)

  • mysql: InnoDB unspecified vulnerability (CPU Apr 2019) (CVE-2019-2628)

  • mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737)

  • mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739)

  • mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740)

  • mysql: InnoDB unspecified vulnerability (CPU Jul 2019) (CVE-2019-2758)

  • mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section.

References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages

Rocky Linux:8 / asio

Package

Name
asio
Purl
pkg:rpm/rocky-linux/asio?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.10.8-7.module+el8.5.0+777+18007c86

Rocky Linux:8 / asio

Package

Name
asio
Purl
pkg:rpm/rocky-linux/asio?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.10.8-7.module+el8.3.0+126+a7f7b5c5

Rocky Linux:8 / Judy

Package

Name
Judy
Purl
pkg:rpm/rocky-linux/Judy?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.0.5-18.module+el8.4.0+427+adf35707