[Git][security-tracker-team/security-tracker][master] Track MariaDB as well for CVE-2020-2574
Salvatore Bonaccorso
carnil at debian.org
Wed Jan 29 08:50:46 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
de0065be by Salvatore Bonaccorso at 2020-01-29T09:48:56+01:00
Track MariaDB as well for CVE-2020-2574
All MariaDB updates are actually very intransparent. Upstream apparently
consider CVE-2020-2574 as well various other MariaDB versions
(apparently but any other CVE from the Oracle CPU from January?) and
fixed in 5.5.67, 10.1.44, 10.2.31, 10.3.22 and 10.4.12.
Add tracking for src:mariadb-10.3 and src:mariadb-10.1 repsectively.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13833,7 +13833,10 @@ CVE-2020-2575
RESERVED
CVE-2020-2574 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #949994)
+ - mariadb-10.3 1:10.3.22-1
+ - mariadb-10.1 <removed>
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
+ NOTE: Fixed in MariaDB: 5.5.67, 10.1.44, 10.2.31, 10.3.22, 10.4.12
CVE-2020-2573 (Vulnerability in the MySQL Client product of Oracle MySQL (component: ...)
- mysql-5.7 <unfixed> (bug #949994)
NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/de0065bed62e4f5a58600bb3231a4ab875303f75
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/de0065bed62e4f5a58600bb3231a4ab875303f75
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200129/979b9835/attachment.html>
More information about the debian-security-tracker-commits
mailing list