USN-6600-1

Source
https://ubuntu.com/security/notices/USN-6600-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6600-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6600-1
Related
Published
2024-01-25T18:32:58.091372Z
Modified
2024-01-25T18:32:58.091372Z
Summary
mariadb, mariadb-10.3, mariadb-10.6 vulnerabilities
Details

Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues.

MariaDB has been updated to 10.3.39 in Ubuntu 20.04 LTS, 10.6.16 in Ubuntu 22.04 LTS and 10.11.6 in Ubuntu 23.10.

CVE-2022-47015 only affected the MariaDB packages in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

References

Affected packages

Ubuntu:20.04:LTS / mariadb-10.3

Package

Name
mariadb-10.3
Purl
pkg:deb/ubuntu/mariadb-10.3?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:10.3.39-0ubuntu0.20.04.2

Affected versions

1:10.*

1:10.3.17-1
1:10.3.18-1
1:10.3.19-1
1:10.3.21-2
1:10.3.22-1
1:10.3.22-1ubuntu1
1:10.3.25-0ubuntu0.20.04.1
1:10.3.29-0ubuntu0.20.04.1
1:10.3.30-0ubuntu0.20.04.1
1:10.3.31-0ubuntu0.20.04.1
1:10.3.32-0ubuntu0.20.04.1
1:10.3.34-0ubuntu0.20.04.1
1:10.3.37-0ubuntu0.20.04.1
1:10.3.38-0ubuntu0.20.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "libmariadb-dev"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "libmariadb-dev-compat"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "libmariadb-dev-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "libmariadb3"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "libmariadb3-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "libmariadbclient-dev"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "libmariadbd-dev"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "libmariadbd19"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "libmariadbd19-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-backup"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-backup-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-client"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-client-10.3"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-client-10.3-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-client-core-10.3"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-client-core-10.3-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-common"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-connect"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-connect-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-cracklib-password-check"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-cracklib-password-check-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-gssapi-client"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-gssapi-client-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-gssapi-server"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-gssapi-server-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-mroonga"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-mroonga-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-oqgraph"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-oqgraph-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-rocksdb"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-rocksdb-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-spider"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-spider-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-tokudb"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-plugin-tokudb-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-server"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-server-10.3"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-server-10.3-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-server-core-10.3"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-server-core-10.3-dbgsym"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-test"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-test-data"
        },
        {
            "binary_version": "1:10.3.39-0ubuntu0.20.04.2",
            "binary_name": "mariadb-test-dbgsym"
        }
    ]
}

Ubuntu:22.04:LTS / mariadb-10.6

Package

Name
mariadb-10.6
Purl
pkg:deb/ubuntu/mariadb-10.6?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:10.6.16-0ubuntu0.22.04.1

Affected versions

1:10.*

1:10.6.7-2ubuntu1
1:10.6.7-2ubuntu1.1
1:10.6.11-0ubuntu0.22.04.1
1:10.6.12-0ubuntu0.22.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "libmariadb-dev"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "libmariadb-dev-compat"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "libmariadb-dev-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "libmariadb3"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "libmariadb3-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "libmariadbd-dev"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "libmariadbd19"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "libmariadbd19-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-backup"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-backup-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-client"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-client-10.6"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-client-10.6-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-client-core-10.6"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-client-core-10.6-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-common"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-connect"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-connect-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-cracklib-password-check"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-cracklib-password-check-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-gssapi-client"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-gssapi-client-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-gssapi-server"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-gssapi-server-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-mroonga"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-mroonga-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-oqgraph"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-oqgraph-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-rocksdb"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-rocksdb-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-s3"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-s3-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-spider"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-plugin-spider-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-server"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-server-10.6"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-server-10.6-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-server-core-10.6"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-server-core-10.6-dbgsym"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-test"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-test-data"
        },
        {
            "binary_version": "1:10.6.16-0ubuntu0.22.04.1",
            "binary_name": "mariadb-test-dbgsym"
        }
    ]
}

Ubuntu:23.10 / mariadb

Package

Name
mariadb
Purl
pkg:deb/ubuntu/mariadb?arch=src?distro=mantic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:10.11.6-0ubuntu0.23.10.2

Affected versions

1:10.*

1:10.11.2-1
1:10.11.2-3
1:10.11.3-1
1:10.11.4-1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "libmariadb-dev"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "libmariadb-dev-compat"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "libmariadb-dev-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "libmariadb3"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "libmariadb3-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "libmariadbd-dev"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "libmariadbd19"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "libmariadbd19-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-backup"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-backup-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-client"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-client-core"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-client-core-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-client-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-common"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-connect"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-connect-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-cracklib-password-check"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-cracklib-password-check-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-gssapi-client"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-gssapi-client-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-gssapi-server"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-gssapi-server-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-hashicorp-key-management"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-hashicorp-key-management-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-mroonga"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-mroonga-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-oqgraph"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-oqgraph-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-bzip2"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-bzip2-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-lz4"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-lz4-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-lzma"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-lzma-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-lzo"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-lzo-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-snappy"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-provider-snappy-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-rocksdb"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-rocksdb-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-s3"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-s3-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-spider"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-plugin-spider-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-server"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-server-10.5"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-server-core"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-server-core-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-server-dbgsym"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-test"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-test-data"
        },
        {
            "binary_version": "1:10.11.6-0ubuntu0.23.10.2",
            "binary_name": "mariadb-test-dbgsym"
        }
    ]
}