Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2022-141-01
HistoryMay 21, 2022 - 7:35 p.m.

[slackware-security] mariadb

2022-05-2119:35:40
Slackware Linux Project
www.slackware.com
29

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

47.2%

JSON

New mariadb packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:

patches/packages/mariadb-10.5.16-i586-1_slack15.0.txz: Upgraded.
This update fixes bugs and several security issues.
For more information, see:
https://vulners.com/cve/CVE-2022-27376
https://vulners.com/cve/CVE-2022-27377
https://vulners.com/cve/CVE-2022-27378
https://vulners.com/cve/CVE-2022-27379
https://vulners.com/cve/CVE-2022-27380
https://vulners.com/cve/CVE-2022-27381
https://vulners.com/cve/CVE-2022-27382
https://vulners.com/cve/CVE-2022-27383
https://vulners.com/cve/CVE-2022-27384
https://vulners.com/cve/CVE-2022-27386
https://vulners.com/cve/CVE-2022-27387
https://vulners.com/cve/CVE-2022-27444
https://vulners.com/cve/CVE-2022-27445
https://vulners.com/cve/CVE-2022-27446
https://vulners.com/cve/CVE-2022-27447
https://vulners.com/cve/CVE-2022-27448
https://vulners.com/cve/CVE-2022-27449
https://vulners.com/cve/CVE-2022-27451
https://vulners.com/cve/CVE-2022-27452
https://vulners.com/cve/CVE-2022-27455
https://vulners.com/cve/CVE-2022-27456
https://vulners.com/cve/CVE-2022-27457
https://vulners.com/cve/CVE-2022-27458
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mariadb-10.5.16-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mariadb-10.5.16-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-10.6.8-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-10.6.8-x86_64-1.txz

MD5 signatures:

Slackware 15.0 package:
ecb061b2fd14afa6a49ce7ec6444f330 mariadb-10.5.16-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
2f0ff61046594f11ea453a0cd72a6821 mariadb-10.5.16-x86_64-1_slack15.0.txz

Slackware -current package:
585471bc35bacb823bb2fa4dfc5822f7 ap/mariadb-10.6.8-i586-1.txz

Slackware x86_64 -current package:
c1de747136665d820b7562d5d9d9ad7d ap/mariadb-10.6.8-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg mariadb-10.5.16-i586-1_slack15.0.txz

Then, restart the database server:
> sh /etc/rc.d/rc.mysqld restart

Related

nessus 44
openvas 32
mageia 1
suse 3
freebsd 1
mariadbunix 6
osv 27
photon 2
almalinux 3
redhat 5
debian 1
rocky 3
ubuntu 1
oraclelinux 3
rosalinux 2
ibm 1
prion 9
cbl_mariner 12
ubuntucve 7
redhatcve 6
alpinelinux 2
debiancve 6
cve 10
cnvd 6
veracode 6
nessus
nessus
Slackware Linux 15.0 / current mariadb Multiple Vulnerabilities (SSA:2022-141-01)
2022-05-21 00:00:00
SUSE SLES15 Security Update : mariadb (SUSE-SU-2022:2189-1)
2022-06-28 00:00:00
SUSE SLES15 Security Update : mariadb (SUSE-SU-2022:2003-1)
2022-06-08 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2022-141-01)
2022-05-23 00:00:00
Mageia: Security Advisory (MGASA-2022-0215)
2022-06-06 00:00:00
openSUSE: Security Advisory for mariadb (SUSE-SU-2022:2003-1)
2022-06-08 00:00:00
mageia
mageia
Updated mariadb packages fix security vulnerability
2022-06-03 20:15:11
suse
suse
Security update for mariadb (important)
2022-06-07 00:00:00
Security update for mariadb (important)
2022-06-16 00:00:00
Security update for mariadb (important)
2022-07-27 00:00:00
freebsd
freebsd
MariaDB -- Multiple vulnerabilities
2022-05-20 00:00:00
mariadbunix
mariadbunix
MariaDB vulnerabilities
2022-11-23 00:00:00
CVE-2022-27451
2022-04-14 13:15:00
CVE-2022-27444
2022-04-14 13:15:00
osv
osv
Moderate: galera, mariadb, and mysql-selinux security, bug fix, and enhancement update
2022-08-09 00:00:00
Moderate: mariadb:10.5 security, bug fix, and enhancement update
2022-08-02 00:00:00
mariadb-10.3 - security update
2022-09-16 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0399
2022-06-03 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0399
2022-06-03 00:00:00
almalinux
almalinux
Moderate: mariadb:10.5 security, bug fix, and enhancement update
2022-08-02 00:00:00
Moderate: galera, mariadb, and mysql-selinux security, bug fix, and enhancement update
2022-08-09 00:00:00
Moderate: mariadb:10.3 security and bug fix update
2022-09-13 00:00:00
redhat
redhat
(RHSA-2022:5826) Moderate: mariadb:10.5 security, bug fix, and enhancement update
2022-08-02 07:05:52
(RHSA-2022:5948) Moderate: galera, mariadb, and mysql-selinux security, bug fix, and enhancement update
2022-08-09 09:35:35
(RHSA-2022:5759) Moderate: rh-mariadb105-galera and rh-mariadb105-mariadb security and bugfix update
2022-07-28 15:49:44
debian
debian
[SECURITY] [DLA 3114-1] mariadb-10.3 security update
2022-09-16 09:12:56
rocky
rocky
galera, mariadb, and mysql-selinux security, bug fix, and enhancement update
2022-08-09 09:35:35
mariadb:10.5 security, bug fix, and enhancement update
2022-08-02 07:05:52
mariadb:10.3 security and bug fix update
2022-09-13 07:36:42
ubuntu
ubuntu
MariaDB vulnerabilities
2022-11-23 00:00:00
oraclelinux
oraclelinux
mariadb:10.5 security, bug fix, and enhancement update
2022-08-03 00:00:00
galera, mariadb, and mysql-selinux security, bug fix, and enhancement update
2022-08-10 00:00:00
mariadb:10.3 security and bug fix update
2022-09-15 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2253
2023-10-21 15:31:29
Advisory ROSA-SA-2023-2254
2023-10-21 15:52:51
ibm
ibm
Security Bulletin: Security vulnerability is addressed with IBM Cloud Pak for Business Automation iFixes for November 2022
2022-12-22 18:13:14
prion
prion
Design/Logic Flaw
2022-04-12 20:15:00
Design/Logic Flaw
2022-04-12 20:15:00
Sql injection
2022-04-14 13:15:00
cbl_mariner
cbl_mariner
CVE-2022-27446 affecting package mariadb 10.3.35-1
2022-10-13 00:40:28
CVE-2022-27382 affecting package mariadb 10.3.35-1
2022-10-13 00:40:28
CVE-2022-27446 affecting package mariadb 10.6.8-1
2022-09-07 19:51:44
ubuntucve
ubuntucve
CVE-2022-27382
2022-04-12 00:00:00
CVE-2022-27448
2022-04-14 00:00:00
CVE-2022-27451
2022-04-14 00:00:00
redhatcve
redhatcve
CVE-2022-27455
2022-04-26 05:33:55
CVE-2022-27458
2022-04-14 22:38:43
CVE-2022-27449
2022-04-14 22:38:34
alpinelinux
alpinelinux
CVE-2022-27446
2022-04-14 13:15:00
CVE-2022-27449
2022-04-14 13:15:00
debiancve
debiancve
CVE-2022-27446
2022-04-14 13:15:00
CVE-2022-27451
2022-04-14 13:15:00
CVE-2022-27444
2022-04-14 13:15:00
cve
cve
CVE-2022-27451
2022-04-14 13:15:00
CVE-2022-27381
2022-04-12 20:15:00
CVE-2022-27446
2022-04-14 13:15:00
cnvd
cnvd
MariaDB item_cmpfunc.h denial of service vulnerability
2022-04-18 00:00:00
MariaDB my_mb_wc_latin1 component memory mis-reference vulnerability
2022-04-18 00:00:00
MariaDB item_cmpfunc.cc denial of service vulnerability
2022-04-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-05-25 05:02:08
Denial Of Service (DoS)
2022-05-25 05:40:08
Denial Of Service (DoS)
2022-05-25 05:02:01

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

47.2%

JSON
Related for SSA-2022-141-01
nessus44openvas32mageia1suse3freebsd1mariadbunix6osv27photon2almalinux3redhat5debian1rocky3ubuntu1oraclelinux3rosalinux2ibm1prion9cbl_mariner12ubuntucve7redhatcve6alpinelinux2debiancve6cve10cnvd6veracode6