[debian-mysql] Bug#972746: mariadb-10.3: CVE-2020-15180

Salvatore Bonaccorso carnil at debian.org
Fri Oct 23 06:06:43 BST 2020


Source: mariadb-10.3
Version: 1:10.3.24-2
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Control: found -1 1:10.3.23-0+deb10u1
Control: fixed -1 1:10.3.25-0+deb10u1

Hi,

This is to track CVE-2020-15180. The issue is already fixed in buster,
so filling the bug in the BTS as RC severity to avoid buster ->
bullseye "regression" in case mariadb-10.3 is meant to be kept.

DSA 4776-1 fixed it for stable.

Regards,
Salvatore
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled



More information about the pkg-mysql-maint mailing list