CVE-2021-2389 & CVE-2021-2372 affect MariaDB in Ubuntu
Bug #1939188 reported by
Otto Kekäläinen
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| mariadb-10.5 (Ubuntu) |
Fix Released
|
Medium
|
Paulo Flabiano Smorigo | ||
Bug Description
According to https:/
I am working on updates for all maintained Ubuntu versions for MariaDB:
- mariadb-10.3 in Focal
- mariadb-10.5 in Hirsute
MariaDB 10.5 in Impish will automatically import the new version from Debian Sid once available.
Security sponsor note this: https:/
| information type: | Public → Public Security |
Revision history for this message
| Otto Kekäläinen (otto) wrote | #1 |
Revision history for this message
| Otto Kekäläinen (otto) wrote | #3 |
| Changed in mariadb-10.5 (Ubuntu): | |
| assignee: | nobody → Paulo Flabiano Smorigo (pfsmorigo) |
Revision history for this message
| Paulo Flabiano Smorigo (pfsmorigo) wrote | #4 |
| Changed in mariadb-10.5 (Ubuntu): | |
| importance: | Undecided → Medium |
| status: | New → Fix Released |
To post a comment you must log in.
The 10.3 series update for 20.04 is now available.
Please use git-buildpackage to fetch and build from the ubuntu-20.04 branch at https:/
The repository uses pristine-tar, so there is no need to separately download the sources. You can just check the signature/SHA1SUM directly from the git-buildpackage generated tarball.
Test builds and testsuite passed on all platforms at
https:/
Debdiffs can be created directly from the repo like in a local clone with 'git diff <tag1>..<tag2> debian/'
Changelog:
mariadb-10.3 (1:10.3.
* SECURITY UPDATE: New upstream version 10.3.31 includes fixes for the
following security vulnerabilities (LP: #1939188):
- CVE-2021-2389
- CVE-2021-2372
-- Otto Kekäläinen <email address hidden> Fri, 06 Aug 2021 22:19:19 -0700