[Git][security-tracker-team/security-tracker][master] Add tracking of some MariaDB CVEs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 12 05:57:14 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
94c6b072 by Salvatore Bonaccorso at 2021-05-12T06:56:15+02:00
Add tracking of some MariaDB CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32608,8 +32608,12 @@ CVE-2021-2196 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
 CVE-2021-2195 (Vulnerability in the Oracle Partner Management product of Oracle E-Bus ...)
 	NOT-FOR-US: Oracle
 CVE-2021-2194 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	- mariadb-10.5 1:10.5.9-1
+	- mariadb-10.3 <removed>
+	[buster] - mariadb-10.3 <removed>
 	- mysql-5.7 <removed>
 	- mysql-8.0 <unfixed> (bug #987325)
+	NOTE: Fixed in MariaDB 10.5.9, 10.4.18, 10.3.28, 10.2.37
 CVE-2021-2193 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed> (bug #987325)
 CVE-2021-2192 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
@@ -32671,8 +32675,12 @@ CVE-2021-2168
 CVE-2021-2167 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
 	NOT-FOR-US: Oracle
 CVE-2021-2166 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	- mariadb-10.5 <unfixed>
+	- mariadb-10.3 <removed>
+	[buster] - mariadb-10.3 <no-dsa> (Minor issue)
 	- mysql-8.0 <unfixed> (bug #987325)
 	- mysql-5.7 <removed>
+	NOTE: Fixed in MariaDB 10.5.10, 10.4.19, 10.3.29, 10.2.38
 CVE-2021-2165
 	RESERVED
 CVE-2021-2164 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -32705,7 +32713,11 @@ CVE-2021-2156 (Vulnerability in the Oracle Customers Online product of Oracle E-
 CVE-2021-2155 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
 	NOT-FOR-US: Oracle
 CVE-2021-2154 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	- mariadb-10.5 <unfixed>
+	- mariadb-10.3 <removed>
+	[buster] - mariadb-10.3 <no-dsa> (Minor issue)
 	- mysql-5.7 <removed>
+	NOTE: Fixed in MariaDB 10.5.10, 10.4.19, 10.3.29, 10.2.38
 CVE-2021-2153 (Vulnerability in the Oracle Internet Expenses product of Oracle E-Busi ...)
 	NOT-FOR-US: Oracle
 CVE-2021-2152 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94c6b072cb23cbe693d7cbc5eb147bb7d3efca01

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94c6b072cb23cbe693d7cbc5eb147bb7d3efca01
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210512/9a55780f/attachment.htm>

More information about the debian-security-tracker-commits mailing list