[ALSA-2019:3708] mariadb:10.3 security and bug fix update
An update for the mariadb:10.3 module is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
The following packages have been upgraded to a later upstream version: mariadb (10.3.17), galera (25.3.26). (BZ#1701687, BZ#1711265, BZ#1741358)
Security Fix(es):
mysql: InnoDB unspecified vulnerability (CPU Jan 2019) (CVE-2019-2510)
mysql: Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537)
mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) (CVE-2019-2614)
mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) (CVE-2019-2627)
mysql: InnoDB unspecified vulnerability (CPU Apr 2019) (CVE-2019-2628)
mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737)
mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739)
mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740)
mysql: InnoDB unspecified vulnerability (CPU Jul 2019) (CVE-2019-2758)
mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
- ID
- ALSA-2019:3708
- Severity
- moderate
- URL
- https://errata.almalinux.org/ALSA-2019:3708.html
- Published
-
2019-11-05T20:53:43
(4 years ago) - Modified
-
2022-04-28T12:46:58
(2 years ago) - Rights
- Copyright 2022 AlmaLinux OS
- Other Advisories
-
- ALAS-2019-1178
- ALAS-2019-1181
- ALAS-2019-1296
- ALAS-2019-1297
- ALAS2-2019-1292
- ALAS2-2020-1537
- ALPINE:CVE-2019-2510
- ALPINE:CVE-2019-2537
- ALPINE:CVE-2019-2614
- ALPINE:CVE-2019-2627
- ALPINE:CVE-2019-2628
- ALPINE:CVE-2019-2737
- ALPINE:CVE-2019-2739
- ALPINE:CVE-2019-2740
- ALPINE:CVE-2019-2758
- ALPINE:CVE-2019-2805
- ALSA-2019:2511
- ALSA-2020:3732
- ALSA-2020:5503
- ELSA-2019-2327
- ELSA-2019-2511
- ELSA-2020-1100
- ELSA-2020-3732
- ELSA-2020-5503
- FEDORA-2019-21b76d179e
- FEDORA-2019-60befaed69
- FEDORA-2019-614f1cd5a8
- FEDORA-2019-6a8a9efc40
- FEDORA-2019-96516ce0ac
- FEDORA-2019-c106e46a95
- FEDORA-2019-c1fab3f139
- FEDORA-2019-f873e2799f
- FEDORA-2021-b1d1655cef
- FEDORA-2021-db50ab62d3
- FREEBSD:198E6220-AC8B-11E9-A1C7-B499BAEBFEAF
- FREEBSD:622B5C47-855B-11EA-A5E2-D4C9EF517024
- FREEBSD:D3D02D3A-2242-11E9-B95C-B499BAEBFEAF
- GLSA-201908-24
- GLSA-202105-27
- openSUSE-SU-2019:0327-1
- openSUSE-SU-2019:1913-1
- openSUSE-SU-2019:1915-1
- openSUSE-SU-2019:2698-1
- RHSA-2019:2327
- RHSA-2019:2511
- RHSA-2019:3708
- RHSA-2020:1100
- RHSA-2020:3732
- RHSA-2020:5503
- RLSA-2019:2511
- RLSA-2019:3708
- RLSA-2020:3732
- RLSA-2020:5503
- SSA:2019-032-01
- SSA:2019-213-01
- SUSE-SU-2019:0555-1
- SUSE-SU-2019:0609-1
- SUSE-SU-2019:1162-1
- SUSE-SU-2019:2020-1
- SUSE-SU-2019:2048-1
- SUSE-SU-2019:2118-1
- SUSE-SU-2019:2330-1
- SUSE-SU-2019:2461-1
- SUSE-SU-2019:2687-1
- SUSE-SU-2019:2867-1
- SUSE-SU-2019:3270-1
- SUSE-SU-2019:3306-1
- SUSE-SU-2019:3369-1
- SUSE-SU-2020:0640-1
- SUSE-SU-2020:0831-1
- USN-3867-1
- USN-3957-1
- USN-3957-2
- USN-3957-3
- USN-4070-1
- USN-4070-2
- USN-4070-3
- USN-4350-1
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2019-2510 | https://vulners.com/cve/CVE-2019-2510 | |
CVE | CVE-2019-2537 | https://vulners.com/cve/CVE-2019-2537 | |
CVE | CVE-2019-2614 | https://vulners.com/cve/CVE-2019-2614 | |
CVE | CVE-2019-2627 | https://vulners.com/cve/CVE-2019-2627 | |
CVE | CVE-2019-2628 | https://vulners.com/cve/CVE-2019-2628 | |
CVE | CVE-2019-2737 | https://vulners.com/cve/CVE-2019-2737 | |
CVE | CVE-2019-2739 | https://vulners.com/cve/CVE-2019-2739 | |
CVE | CVE-2019-2740 | https://vulners.com/cve/CVE-2019-2740 | |
CVE | CVE-2019-2758 | https://vulners.com/cve/CVE-2019-2758 | |
CVE | CVE-2019-2805 | https://vulners.com/cve/CVE-2019-2805 | |
CVE | CVE-2020-2922 | https://vulners.com/cve/CVE-2020-2922 | |
CVE | CVE-2021-2007 | https://vulners.com/cve/CVE-2021-2007 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/almalinux/Judy?arch=x86_64&distro=almalinux-8.6 | almalinux | Judy | < 1.0.5-18.module_el8.6.0+2867+72759d2f | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/Judy?arch=x86_64&distro=almalinux-8.5 | almalinux | Judy | < 1.0.5-18.module_el8.5.0+2632+14ced695 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/Judy?arch=x86_64&distro=almalinux-8.3 | almalinux | Judy | < 1.0.5-18.module_el8.3.0+2028+5e3224e9 | almalinux-8.3 | x86_64 | |
Affected | pkg:rpm/almalinux/Judy?arch=i686&distro=almalinux-8.3 | almalinux | Judy | < 1.0.5-18.module_el8.3.0+2028+5e3224e9 | almalinux-8.3 | i686 | |
Affected | pkg:rpm/almalinux/Judy?arch=aarch64&distro=almalinux-8.6 | almalinux | Judy | < 1.0.5-18.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/Judy?arch=aarch64&distro=almalinux-8.4 | almalinux | Judy | < 1.0.5-18.module_el8.4.0+2215+7adc332a | almalinux-8.4 | aarch64 | |
Affected | pkg:rpm/almalinux/Judy-devel?arch=x86_64&distro=almalinux-8.6 | almalinux | Judy-devel | < 1.0.5-18.module_el8.6.0+3072+3c630e87 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/Judy-devel?arch=x86_64&distro=almalinux-8.3 | almalinux | Judy-devel | < 1.0.5-18.module_el8.3.0+2028+5e3224e9 | almalinux-8.3 | x86_64 | |
Affected | pkg:rpm/almalinux/Judy-devel?arch=i686&distro=almalinux-8.3 | almalinux | Judy-devel | < 1.0.5-18.module_el8.3.0+2028+5e3224e9 | almalinux-8.3 | i686 | |
Affected | pkg:rpm/almalinux/Judy-devel?arch=aarch64&distro=almalinux-8.6 | almalinux | Judy-devel | < 1.0.5-18.module_el8.6.0+2867+72759d2f | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/asio-devel?arch=x86_64&distro=almalinux-8.6 | almalinux | asio-devel | < 1.10.8-7.module_el8.6.0+2867+72759d2f | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/asio-devel?arch=aarch64&distro=almalinux-8.6 | almalinux | asio-devel | < 1.10.8-7.module_el8.6.0+2867+72759d2f | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/asio-devel?arch=aarch64&distro=almalinux-8.4 | almalinux | asio-devel | < 1.10.8-7.module_el8.4.0+2233+0d1461da | almalinux-8.4 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |