[Git][security-tracker-team/security-tracker][master] CVE-2022-27445/MariaDB
Bastien Roucariès (@rouca)
rouca at debian.org
Sun Aug 25 00:36:07 BST 2024
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ca3b163d by Bastien Roucariès at 2024-08-24T23:33:55+00:00
CVE-2022-27445/MariaDB
According to changelog of 10.2
> Window functions have been introduced. This release adds support for a limited set of functions,
> and the basic execution algorithm. Development continues to expand the set of supported functions
> and optimize the execution.
Thus 10.1 is not affected and files patched by referenced commit are not present.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -193299,9 +193299,12 @@ CVE-2022-27445 (MariaDB Server v10.9 and below was discovered to contain a segme
- mariadb-10.5 <removed>
[bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1
- mariadb-10.3 <removed>
- - mariadb-10.1 <removed>
- NOTE: https://jira.mariadb.org/browse/MDEV-28081
- NOTE: https://jira.mariadb.org/browse/MDEV-19398
+ - mariadb-10.1 <not-affected> (windows function are a feature added afer 10.2 see changelog of 10.2)
+ NOTE: MariaDB bug: https://jira.mariadb.org/browse/MDEV-28081
+ NOTE: MariaDB main bug: https://jira.mariadb.org/browse/MDEV-19398
+ NOTE: MariaDB commit [1/2] https://github.com/MariaDB/server/commit/ba4927e520190bbad763bb5260ae154f29a61231 (MariaDB 10.2.44)
+ NOTE: MariaDB commit [2/2] https://github.com/MariaDB/server/commit/624cb9735e737ca3392957e2db2171c2957cf282 (MariaDB 10.2.44)
+ NOTE: Changelog for 10.2 introducing windows function: https://mariadb.com/kb/en/mariadb-1020-release-notes/
CVE-2022-27444 (MariaDB Server v10.9 and below was discovered to contain a segmentatio ...)
- mariadb-10.6 1:10.6.8-1
- mariadb-10.5 <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca3b163d1ec62073c1aa4ef58602d88e0836b9e5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca3b163d1ec62073c1aa4ef58602d88e0836b9e5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240824/9fe9ebf8/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list