[Git][security-tracker-team/security-tracker][master] 2 commits: Update information on 4 CVEs for MariaDB

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
081047d1 by Salvatore Bonaccorso at 2020-11-13T09:11:11+01:00
Update information on 4 CVEs for MariaDB

- - - - -
899ea33b by Salvatore Bonaccorso at 2020-11-13T09:11:44+01:00
Merge remote-tracking branch 'origin/master'

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31521,8 +31521,11 @@ CVE-2020-14813 (Vulnerability in the PeopleSoft Enterprise PeopleTools product o
 	NOT-FOR-US: Oracle
 CVE-2020-14812 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mariadb-10.5 1:10.5.8-1
+	- mariadb-10.3 <unfixed>
+	- mariadb-10.1 <removed>
 	- mysql-5.7 <unfixed> (bug #972824)
 	- mysql-8.0 <unfixed> (bug #972623)
+	NOTE: Fixed in MariaDB 10.5.7, 10.3.26, 10.1.48
 CVE-2020-14811 (Vulnerability in the Oracle Applications Manager product of Oracle E-B ...)
 	NOT-FOR-US: Oracle
 CVE-2020-14810 (Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospi ...)
@@ -31586,8 +31589,10 @@ CVE-2020-14790 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 	- mysql-8.0 <unfixed> (bug #972623)
 CVE-2020-14789 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mariadb-10.5 1:10.5.8-1
+	- mariadb-10.3 <unfixed>
 	- mysql-5.7 <unfixed> (bug #972824)
 	- mysql-8.0 <unfixed> (bug #972623)
+	NOTE: Fixed in MariaDB 10.5.7, 10.3.26
 CVE-2020-14788 (Vulnerability in the Oracle Communications Diameter Signaling Router ( ...)
 	NOT-FOR-US: Oracle
 CVE-2020-14787 (Vulnerability in the Oracle Communications Diameter Signaling Router ( ...)
@@ -31623,8 +31628,10 @@ CVE-2020-14777 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 	- mysql-8.0 <unfixed> (bug #972623)
 CVE-2020-14776 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mariadb-10.5 1:10.5.8-1
+	- mariadb-10.3 <unfixed>
 	- mysql-8.0 <unfixed> (bug #972623)
 	- mysql-5.7 <unfixed> (bug #972824)
+	NOTE: Fixed in MariaDB 10.5.7, 10.3.26
 CVE-2020-14775 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed> (bug #972623)
 	- mysql-5.7 <unfixed> (bug #972824)
@@ -31650,8 +31657,11 @@ CVE-2020-14766 (Vulnerability in the Oracle Business Intelligence Enterprise Edi
 	NOT-FOR-US: Oracle
 CVE-2020-14765 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mariadb-10.5 1:10.5.8-1
+	- mariadb-10.3 <unfixed>
+	- mariadb-10.1 <removed>
 	- mysql-8.0 <unfixed> (bug #972623)
 	- mysql-5.7 <unfixed> (bug #972824)
+	NOTE: Fixed in MariaDB 10.5.7, 10.3.26, 10.1.48
 CVE-2020-14764 (Vulnerability in the Hyperion Planning product of Oracle Hyperion (com ...)
 	NOT-FOR-US: Oracle
 CVE-2020-14763 (Vulnerability in the Oracle Application Express Quick Poll component o ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5fa7d6d2bd0fa18b0a7d22a94d5d5a1e68e5534d...899ea33b9fcd8fce53144de757ca876811c07214

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5fa7d6d2bd0fa18b0a7d22a94d5d5a1e68e5534d...899ea33b9fcd8fce53144de757ca876811c07214
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201113/a48a4324/attachment.html>