SUSE-SU-2025:4491-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-20254491-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4491-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:4491-1
Upstream
  • CVE-2025-13699
Related
Published
2025-12-19T11:40:47Z
Modified
2026-03-23T04:51:48.505308Z
Summary
Security update for mariadb
Details

This update for mariadb fixes the following issues:

Update to version 10.5.29.

Release notes and changelog:

  • https://mariadb.com/kb/en/mariadb-10-5-29-release-notes/
  • https://mariadb.com/kb/en/mariadb-10-5-29-changelog/
  • https://mariadb.com/kb/en/mariadb-10-5-28-release-notes/
  • https://mariadb.com/kb/en/mariadb-10-5-28-changelog/

Security issues fixed:

  • Version 10.5.28:

    • CVE-2025-21490: InnoDB issue allows high privileged attacker with network access to cause a hang or frequently repeatable crash of MySQL Server (bsc#1243356).

  • Version 10.5.29:

    • CVE-2025-30693: InnoDB issue allows high privileged attacker with network access to gain unauthorized update, insert or delete access to data and cause repeatable crash in MySQL server (bsc#1249213).
    • CVE-2025-30722: mysqldump issue allows low privileged attacker with network access to gain unauthorized update, insert or delete access to data in MySQL Client (bsc#1249212).
    • CVE-2023-52969: crash with empty backtrace log in MariaDB Server (bsc#1239150).
    • CVE-2023-52970: crash in MariaDB Server when inserting from derived table containing insert target table (bsc#1239151).

  • CVE-2025-13699: lack of proper validation of a user-supplied path prior to using it in file operations allows an attacker to execute code in the context of the current user (bsc#1254313).

References

Affected packages

SUSE:Enterprise Storage 7.1
mariadb

Package

Name
mariadb
Purl
pkg:rpm/suse/mariadb&distro=SUSE%20Enterprise%20Storage%207.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.5.29-150300.3.55.1

Ecosystem specific 

{
    "binaries": [
        {
            "libmariadbd-devel": "10.5.29-150300.3.55.1",
            "mariadb": "10.5.29-150300.3.55.1",
            "mariadb-tools": "10.5.29-150300.3.55.1",
            "mariadb-client": "10.5.29-150300.3.55.1",
            "mariadb-errormessages": "10.5.29-150300.3.55.1",
            "libmariadbd19": "10.5.29-150300.3.55.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4491-1.json"
SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS
mariadb

Package

Name
mariadb
Purl
pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.5.29-150300.3.55.1

Ecosystem specific 

{
    "binaries": [
        {
            "libmariadbd-devel": "10.5.29-150300.3.55.1",
            "mariadb": "10.5.29-150300.3.55.1",
            "mariadb-tools": "10.5.29-150300.3.55.1",
            "mariadb-client": "10.5.29-150300.3.55.1",
            "mariadb-errormessages": "10.5.29-150300.3.55.1",
            "libmariadbd19": "10.5.29-150300.3.55.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4491-1.json"
SUSE:Linux Enterprise Server 15 SP3-LTSS
mariadb

Package

Name
mariadb
Purl
pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.5.29-150300.3.55.1

Ecosystem specific 

{
    "binaries": [
        {
            "libmariadbd-devel": "10.5.29-150300.3.55.1",
            "mariadb": "10.5.29-150300.3.55.1",
            "mariadb-tools": "10.5.29-150300.3.55.1",
            "mariadb-client": "10.5.29-150300.3.55.1",
            "mariadb-errormessages": "10.5.29-150300.3.55.1",
            "libmariadbd19": "10.5.29-150300.3.55.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4491-1.json"
SUSE:Linux Enterprise Server for SAP Applications 15 SP3
mariadb

Package

Name
mariadb
Purl
pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.5.29-150300.3.55.1

Ecosystem specific 

{
    "binaries": [
        {
            "libmariadbd-devel": "10.5.29-150300.3.55.1",
            "mariadb": "10.5.29-150300.3.55.1",
            "mariadb-tools": "10.5.29-150300.3.55.1",
            "mariadb-client": "10.5.29-150300.3.55.1",
            "mariadb-errormessages": "10.5.29-150300.3.55.1",
            "libmariadbd19": "10.5.29-150300.3.55.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4491-1.json"