[Git][security-tracker-team/security-tracker][master] CVE-2021-4666[4-5]

Bastien Roucariès (@rouca) rouca at debian.org
Sun Aug 4 10:52:49 BST 2024 


Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a6054619 by Bastien Roucariès at 2024-08-04T09:52:06+00:00
CVE-2021-4666[4-5]

Fixed in identical commit upstream

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -197392,7 +197392,9 @@ CVE-2021-46665 (MariaDB through 10.5.9 allows a sql_parse.cc application crash b
 	[bullseye] - mariadb-10.5 1:10.5.15-0+deb11u1
 	- mariadb-10.3 <removed>
 	[buster] - mariadb-10.3 1:10.3.34-0+deb10u1
-	NOTE: https://jira.mariadb.org/browse/MDEV-25636
+	NOTE: MariaDB Bug: https://jira.mariadb.org/browse/MDEV-25636
+	NOTE: Commit MariaDB: https://github.com/MariaDB/server/commit/3a52569499e2f0c4d1f25db1e81617a9d9755400 (mariadb-10.2.43)
+	NOTE: Same fix than CVE-2021-46664, MDEV-25636 and MDEV-25761 are linked upstream, tests and commit identical
 	NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
 CVE-2021-46664 (MariaDB through 10.5.9 allows an application crash in sub_select_postj ...)
 	- mariadb-10.6 1:10.6.7-1
@@ -197400,7 +197402,9 @@ CVE-2021-46664 (MariaDB through 10.5.9 allows an application crash in sub_select
 	[bullseye] - mariadb-10.5 1:10.5.15-0+deb11u1
 	- mariadb-10.3 <removed>
 	[buster] - mariadb-10.3 1:10.3.34-0+deb10u1
-	NOTE: https://jira.mariadb.org/browse/MDEV-25761
+	NOTE: MariaDB bug: https://jira.mariadb.org/browse/MDEV-25761
+	NOTE: Commit MariaDB: https://github.com/MariaDB/server/commit/3a52569499e2f0c4d1f25db1e81617a9d9755400 (mariadb-10.2.43)
+	NOTE: Same fix than CVE-2021-46665, MDEV-25636 and MDEV-25761 are linked upstream, tests and commit identical
 	NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
 CVE-2021-46663 (MariaDB through 10.5.13 allows a ha_maria::extra application crash via ...)
 	- mariadb-10.6 1:10.6.7-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6054619d784b13a8c959fffcfea7a9138f33988

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6054619d784b13a8c959fffcfea7a9138f33988
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240804/3c87f8c1/attachment.htm>

More information about the debian-security-tracker-commits mailing list