[Git][security-tracker-team/security-tracker][master] CVE-2022-27456/mariadb
Bastien Roucariès (@rouca)
rouca at debian.org
Tue Sep 17 17:14:22 BST 2024
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aada5d9b by Bastien Roucariès at 2024-09-17T16:13:42+00:00
CVE-2022-27456/mariadb
Add main bug and update duplicate fixed CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -198040,7 +198040,13 @@ CVE-2022-27456 (MariaDB Server v10.6.3 and below was discovered to contain an us
[bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1
- mariadb-10.3 <removed>
- mariadb-10.1 <removed>
- NOTE: https://jira.mariadb.org/browse/MDEV-28093
+ NOTE: Bug MariaDB: https://jira.mariadb.org/browse/MDEV-28093
+ NOTE: Bug MariaDB (main): https://jira.mariadb.org/browse/MDEV-24176
+ NOTE: Same fix than CVE-2022-27376, CVE-2022-27379, CVE-2022-27447, CVE-2022-27449, CVE-2022-27452
+ NOTE: Fixed in MariaDB version 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4
+ NOTE: Commit MariaDB [1/3] https://github.com/MariaDB/server/commit/c02ebf3510850ba78a106be9974c94c3b97d8585
+ NOTE: Commit MariaDB [2/3] https://github.com/MariaDB/server/commit/08c7ab404f69d9c4ca6ca7a9cf7eec74c804f917
+ NOTE: Commit MariaDB [3/3] https://github.com/MariaDB/server/commit/b3c3291f0b7c1623cb20663f7cf31b7f749768bc
CVE-2022-27455 (MariaDB Server v10.6.3 and below was discovered to contain an use-afte ...)
- mariadb-10.6 1:10.6.8-1
- mariadb-10.5 <removed>
@@ -198061,7 +198067,7 @@ CVE-2022-27452 (MariaDB Server v10.9 and below was discovered to contain a segme
- mariadb-10.1 <removed>
NOTE: MariaDB bug: https://jira.mariadb.org/browse/MDEV-28090
NOTE: MariaDB main bug: https://jira.mariadb.org/browse/MDEV-24176
- NOTE: Same fix than CVE-2022-27376, CVE-2022-27379, CVE-2022-27447, CVE-2022-27449
+ NOTE: Same fix than CVE-2022-27376, CVE-2022-27379, CVE-2022-27447, CVE-2022-27449, CVE-2022-27456
NOTE: Fixed in MariaDB 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4, 10.8.3
NOTE: MariaDB commit: [1/3] https://github.com/MariaDB/server/commit/c02ebf3510850ba78a106be9974c94c3b97d8585 (mariadb-10.3.35)
NOTE: MariaDB commit: [2/3] https://github.com/MariaDB/server/commit/08c7ab404f69d9c4ca6ca7a9cf7eec74c804f917 (mariadb-10.3.35)
@@ -198084,7 +198090,7 @@ CVE-2022-27449 (MariaDB Server v10.9 and below was discovered to contain a segme
- mariadb-10.1 <removed>
NOTE: MariaDB bug: https://jira.mariadb.org/browse/MDEV-28089
NOTE: MariaDB main bug: https://jira.mariadb.org/browse/MDEV-24176
- NOTE: Same fix than CVE-2022-27376, CVE-2022-27379, CVE-2022-27447, CVE-2022-27452
+ NOTE: Same fix than CVE-2022-27376, CVE-2022-27379, CVE-2022-27447, CVE-2022-27452, CVE-2022-27456
NOTE: Fixed in MariaDB 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4, 10.8.3
NOTE: MariaDB commit: [1/3] https://github.com/MariaDB/server/commit/c02ebf3510850ba78a106be9974c94c3b97d8585 (mariadb-10.3.35)
NOTE: MariaDB commit: [2/3] https://github.com/MariaDB/server/commit/08c7ab404f69d9c4ca6ca7a9cf7eec74c804f917 (mariadb-10.3.35)
@@ -198108,7 +198114,7 @@ CVE-2022-27447 (MariaDB Server v10.9 and below was discovered to contain a use-a
- mariadb-10.1 <removed>
NOTE: MariaDB bug: https://jira.mariadb.org/browse/MDEV-28099
NOTE: MariaDB main bug: https://jira.mariadb.org/browse/MDEV-24176
- NOTE: Same fix than CVE-2022-27376, CVE-2022-27379 and CVE-2022-27449
+ NOTE: Same fix than CVE-2022-27376, CVE-2022-27379 and CVE-2022-27449, CVE-2022-27452, CVE-2022-27456
NOTE: Fixed in MariaDB 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4, 10.8.3
NOTE: MariaDB commit: [1/3] https://github.com/MariaDB/server/commit/c02ebf3510850ba78a106be9974c94c3b97d8585 (mariadb-10.3.35)
NOTE: MariaDB commit: [2/3] https://github.com/MariaDB/server/commit/08c7ab404f69d9c4ca6ca7a9cf7eec74c804f917 (mariadb-10.3.35)
@@ -198368,7 +198374,7 @@ CVE-2022-27379 (An issue in the component Arg_comparator::compare_real_fixed of
- mariadb-10.1 <removed>
NOTE: MariaDB bug: https://jira.mariadb.org/browse/MDEV-26353
NOTE: MariaDB bug (main): https://jira.mariadb.org/browse/MDEV-24176
- NOTE: Same fix than CVE-2022-27376, CVE-2022-27447, CVE-2022-27449, CVE-2022-27452
+ NOTE: Same fix than CVE-2022-27376, CVE-2022-27447, CVE-2022-27449, CVE-2022-27452, CVE-2022-27456
NOTE: Fixed in MariaDB version 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4
CVE-2022-27378 (An issue in the component Create_tmp_table::finalize of MariaDB Server ...)
{DLA-3114-1}
@@ -198400,7 +198406,7 @@ CVE-2022-27376 (MariaDB Server v10.6.5 and below was discovered to contain an us
NOTE: Bug MariaDB: https://jira.mariadb.org/browse/MDEV-26354
NOTE: Bug MariaDB (duplicate): https://jira.mariadb.org/browse/MDEV-26437
NOTE: Bug MariaDB (main): https://jira.mariadb.org/browse/MDEV-24176
- NOTE: Same fix than CVE-2022-27379, CVE-2022-27447, CVE-2022-27449, CVE-2022-27452
+ NOTE: Same fix than CVE-2022-27379, CVE-2022-27447, CVE-2022-27449, CVE-2022-27452, CVE-2022-27456
NOTE: Fixed in MariaDB version 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4
NOTE: Commit MariaDB [1/3] https://github.com/MariaDB/server/commit/c02ebf3510850ba78a106be9974c94c3b97d8585
NOTE: Commit MariaDB [2/3] https://github.com/MariaDB/server/commit/08c7ab404f69d9c4ca6ca7a9cf7eec74c804f917
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aada5d9b0ee1d5f398a923ea0edd187e14a12bb5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aada5d9b0ee1d5f398a923ea0edd187e14a12bb5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240917/b1374acd/attachment.htm>
More information about the debian-security-tracker-commits
mailing list