[Git][security-tracker-team/security-tracker][master] CVE-2022-32091/mariadb

[Bastien Roucariès (@rouca)]

Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a63d3738 by Bastien Roucariès at 2024-09-17T08:49:38+00:00
CVE-2022-32091/mariadb

Add additional information:
- commit
- fixed version
- duplicate bug

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -184174,7 +184174,12 @@ CVE-2022-32091 (MariaDB v10.7 was discovered to contain an use-after-poison in i
 	- mariadb-10.5 <removed>
 	[bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1
 	- mariadb-10.3 <removed>
-	NOTE: https://jira.mariadb.org/browse/MDEV-26431
+	NOTE: MariaDB bug: https://jira.mariadb.org/browse/MDEV-26431
+	NOTE: MariaDB duplicate bug: https://jira.mariadb.org/browse/MDEV-23809
+	NOTE: Not reproductible on 10.1
+	NOTE: Fixed in: 10.3.36, 10.4.26, 10.5.17, 10.6.9, 10.7.5, 10.8.4, 10.9.2
+	NOTE: Commit [1/2]: https://github.com/MariaDB/server/commit/2cd98c95dee7ae77e6280b4e047a2ebec00b5442 (mariadb-10.3.36)
+	NOTE: Commit [2/2]: https://github.com/MariaDB/server/commit/37a3d4467e3115f4d4dfcad0a6ee3c23e785f524 (mariadb-10.3.36)
 CVE-2022-32090
 	RESERVED
 CVE-2022-32089 (MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a63d3738ac4951873eb357109ee7fb4689a2c55a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a63d3738ac4951873eb357109ee7fb4689a2c55a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240917/5a7be9fc/attachment.htm>