Lucene search

K
mageiaGentoo FoundationMGASA-2020-0404
HistoryNov 08, 2020 - 5:14 p.m.

Updated mariadb packages fix security vulnerabilities

2020-11-0817:14:27
Gentoo Foundation
advisories.mageia.org
57
mariadb
security vulnerabilities
bug fixes
cve-2020-14765
cve-2020-14776
cve-2020-14789
cve-2020-14812
mdev-23569
mdev-18366
mdev-23456
mdev-23072
mdev-23968
mdev-23799
unix

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

72.0%

The latest release of mariadb fixes some undisclosed easily exploitable vulnerabilities. (CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 and CVE-2020-14812). Additionally some bugs are fixed: - Temporary tables can overwrite existing files (MDEV-23569) - Crash on SELECT on a table with indexed virtual columns (MDEV-18366) - Fixed a bug in the recovery of encrypted tables (MDEV-23456) - Diskspace not reused for BLOB in data file (MDEV-23072) - CREATE TEMPORARY TABLE … LIKE (system versioned table) returns error if unique index is defined in the table (MDEV-23968) - CREATE … SELECT wrong result on join versioned table (MDEV-23799)

OSVersionArchitecturePackageVersionFilename
Mageia7noarchmariadb< 10.3.26-1mariadb-10.3.26-1.mga7

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

72.0%