[Git][security-tracker-team/security-tracker][master] mariadb 10.6 fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Feb 20 09:33:33 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e4708c80 by Moritz Muehlenhoff at 2022-02-20T10:33:11+01:00
mariadb 10.6 fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3060,12 +3060,12 @@ CVE-2022-0437 (Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14. ..
 CVE-2022-0436
 	RESERVED
 CVE-2021-46669 (MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_ ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-25638
 CVE-2021-46668 (MariaDB through 10.5.9 allows an application crash via certain long SE ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-25787
@@ -3083,17 +3083,17 @@ CVE-2021-46666 (MariaDB before 10.6.2 allows an application crash because of mis
 	NOTE: https://jira.mariadb.org/browse/MDEV-25635
 	NOTE: Fixed in MariaDB: 10.2.39, 10.3.30, 10.4.20, 10.5.11, 10.6.2
 CVE-2021-46665 (MariaDB through 10.5.9 allows a sql_parse.cc application crash because ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-25636
 CVE-2021-46664 (MariaDB through 10.5.9 allows an application crash in sub_select_postj ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-25761
 CVE-2021-46663 (MariaDB through 10.5.13 allows a ha_maria::extra application crash via ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-26351
@@ -3105,7 +3105,7 @@ CVE-2021-46662 (MariaDB through 10.5.9 allows a set_var.cc application crash via
 	NOTE: https://jira.mariadb.org/browse/MDEV-22464
 	NOTE: Fixed in MariaDB: 10.3.32, 10.4.22, 10.5.13, 10.6.5
 CVE-2021-46661 (MariaDB through 10.5.9 allows an application crash in find_field_in_ta ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-25766
@@ -3750,20 +3750,20 @@ CVE-2022-24054
 CVE-2022-24053
 	RESERVED
 CVE-2022-24052 (This vulnerability allows local attackers to escalate privileges on af ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-366/
 CVE-2022-24051 (This vulnerability allows local attackers to escalate privileges on af ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-318/
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-365/
 CVE-2022-24050 (This vulnerability allows local attackers to escalate privileges on af ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42
@@ -3771,7 +3771,7 @@ CVE-2022-24050 (This vulnerability allows local attackers to escalate privileges
 CVE-2022-24049 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Sonos One Speaker
 CVE-2022-24048 (This vulnerability allows local attackers to escalate privileges on af ...)
-	- mariadb-10.6 <unfixed>
+	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4708c80b183d6e43b37b7a740d75fb2fa37a1d0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4708c80b183d6e43b37b7a740d75fb2fa37a1d0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220220/e8686c86/attachment.htm>

More information about the debian-security-tracker-commits mailing list