CVE-2021-2389 & CVE-2021-2372 affect MariaDB in Ubuntu
Bug #1939188 reported by
Otto Kekäläinen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mariadb-10.5 (Ubuntu) |
Fix Released
|
Medium
|
Paulo Flabiano Smorigo |
Bug Description
According to https:/
I am working on updates for all maintained Ubuntu versions for MariaDB:
- mariadb-10.3 in Focal
- mariadb-10.5 in Hirsute
MariaDB 10.5 in Impish will automatically import the new version from Debian Sid once available.
Security sponsor note this: https:/
information type: | Public → Public Security |
Changed in mariadb-10.5 (Ubuntu): | |
assignee: | nobody → Paulo Flabiano Smorigo (pfsmorigo) |
To post a comment you must log in.
The 10.3 series update for 20.04 is now available.
Please use git-buildpackage to fetch and build from the ubuntu-20.04 branch at https:/ /salsa. debian. org/mariadb- team/mariadb- 10.3/tree/ ubuntu- 20.04
The repository uses pristine-tar, so there is no need to separately download the sources. You can just check the signature/SHA1SUM directly from the git-buildpackage generated tarball.
Test builds and testsuite passed on all platforms at /launchpad. net/~mysql- ubuntu/ +archive/ ubuntu/ mariadb- 10.3/+builds? build_text= &build_ state=all
https:/
Debdiffs can be created directly from the repo like in a local clone with 'git diff <tag1>..<tag2> debian/'
Changelog:
mariadb-10.3 (1:10.3. 31-0ubuntu0. 20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: New upstream version 10.3.31 includes fixes for the
following security vulnerabilities (LP: #1939188):
- CVE-2021-2389
- CVE-2021-2372
-- Otto Kekäläinen <email address hidden> Fri, 06 Aug 2021 22:19:19 -0700