[ALSA-2022:1557] mariadb:10.5 security, bug fix, and enhancement update
An update for the mariadb:10.5 module is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
The following packages have been upgraded to a later upstream version: mariadb (10.5.13), galera (26.4.9). (BZ#2050546)
Security Fix(es):
mysql: Server: DML unspecified vulnerability (CPU Apr 2021) (CVE-2021-2154)
mysql: Server: DML unspecified vulnerability (CPU Apr 2021) (CVE-2021-2166)
mysql: InnoDB unspecified vulnerability (CPU Jul 2021) (CVE-2021-2372)
mysql: InnoDB unspecified vulnerability (CPU Jul 2021) (CVE-2021-2389)
mysql: InnoDB unspecified vulnerability (CPU Oct 2021) (CVE-2021-35604)
mariadb: Integer overflow in sql_lex.cc integer leading to crash (CVE-2021-46667)
mariadb: Crash in get_sort_by_table() in subquery with ORDER BY having outer ref (CVE-2021-46657)
mariadb: save_window_function_values triggers an abort during IN subquery (CVE-2021-46658)
mariadb: Crash in set_var.cc via certain UPDATE queries with nested subqueries (CVE-2021-46662)
mariadb: Crash caused by mishandling of a pushdown from a HAVING clause to a WHERE clause (CVE-2021-46666)
mariadb: No password masking in audit log when using ALTER USER <user> IDENTIFIED BY <password> command (BZ#1981332)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
mariadb-10.5-module: /etc/security/user_map.conf getting overwritten with mariadb-server upgrade (BZ#2050515)
mariadb-server:10.5 in centos8 stream is not shipping wsrep_sst_rsync_tunnel (BZ#2050524)
Galera doesn't work without 'procps-ng' package MariaDB-10.5 (BZ#2050542)
- ID
- ALSA-2022:1557
- Severity
- moderate
- URL
- https://errata.almalinux.org/ALSA-2022:1557.html
- Published
-
2022-04-26T13:50:46
(2 years ago) - Modified
-
2022-04-28T12:56:03
(2 years ago) - Rights
- Copyright 2022 AlmaLinux OS
- Other Advisories
-
- ALAS-2021-1544
- ALAS2-2023-2057
- ALPINE:CVE-2021-2154
- ALPINE:CVE-2021-2166
- ALPINE:CVE-2021-2372
- ALPINE:CVE-2021-2389
- ALPINE:CVE-2021-35604
- ALPINE:CVE-2021-46662
- ALPINE:CVE-2021-46667
- ALPINE:CVE-2022-27385
- ALSA-2021:3590
- ALSA-2022:1556
- ALSA-2022:6590
- ALSA-2022:7119
- ASA-202105-14
- ELSA-2021-3590
- ELSA-2022-1556
- ELSA-2022-1557
- ELSA-2022-6590
- ELSA-2022-7119
- FEDORA-2021-01189f6361
- FEDORA-2021-179f2fbb88
- FEDORA-2021-27187ac9dd
- FEDORA-2021-46dc82116b
- FEDORA-2021-5b6c69a73a
- FEDORA-2021-68db93b130
- FEDORA-2021-70dd0b9f5d
- FEDORA-2021-72d5918529
- FEDORA-2021-acef1dc8cf
- FEDORA-2021-b8b7829a83
- FEDORA-2021-dc4299a8d0
- FEDORA-2021-df40c41094
- FEDORA-2021-f74148c6d4
- FEDORA-2022-03350936ee
- FEDORA-2022-263f7cc483
- FEDORA-2022-5cfe372ab7
- FREEBSD:38A4A043-E937-11EB-9B84-D4C9EF517024
- FREEBSD:56BA4513-A1BE-11EB-9072-D4C9EF517024
- FREEBSD:ADD683BE-BD76-11EC-A06F-D4C9EF517024
- FREEBSD:C9387E4D-2F5F-11EC-8BE6-D4C9EF517024
- GLSA-202105-27
- GLSA-202105-28
- GLSA-202405-25
- MS:CVE-2021-2166
- MS:CVE-2021-46657
- MS:CVE-2021-46658
- MS:CVE-2021-46662
- MS:CVE-2021-46666
- MS:CVE-2021-46667
- MS:CVE-2022-21451
- MS:CVE-2022-27385
- openSUSE-SU-2021:2605-1
- openSUSE-SU-2021:2616-1
- openSUSE-SU-2021:2617-1
- openSUSE-SU-2021:2835-1
- openSUSE-SU-2021:2837-1
- openSUSE-SU-2021:2939-1
- openSUSE-SU-2021:3835-1
- openSUSE-SU-2022:0731-1
- RHSA-2021:3590
- RHSA-2022:1556
- RHSA-2022:1557
- RHSA-2022:6590
- RHSA-2022:7119
- RLSA-2021:3590
- RLSA-2022:1556
- RLSA-2022:1557
- RLSA-2022:6590
- RLSA-2022:7119
- SUSE-SU-2021:2605-1
- SUSE-SU-2021:2616-1
- SUSE-SU-2021:2617-1
- SUSE-SU-2021:2634-1
- SUSE-SU-2021:2835-1
- SUSE-SU-2021:2837-1
- SUSE-SU-2021:2939-1
- SUSE-SU-2021:3008-1
- SUSE-SU-2021:3835-1
- SUSE-SU-2021:3836-1
- SUSE-SU-2021:3948-1
- SUSE-SU-2021:4202-1
- SUSE-SU-2022:0725-1
- SUSE-SU-2022:0726-1
- SUSE-SU-2022:0731-1
- SUSE-SU-2022:0731-2
- SUSE-SU-2022:0782-1
- SUSE-SU-2022:2561-1
- USN-4952-1
- USN-5022-1
- USN-5022-2
- USN-5022-3
- USN-5123-1
- USN-5123-2
- USN-5170-1
- USN-5400-1
- USN-5400-2
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2021-2154 | https://vulners.com/cve/CVE-2021-2154 | |
CVE | CVE-2021-2166 | https://vulners.com/cve/CVE-2021-2166 | |
CVE | CVE-2021-2372 | https://vulners.com/cve/CVE-2021-2372 | |
CVE | CVE-2021-2389 | https://vulners.com/cve/CVE-2021-2389 | |
CVE | CVE-2021-35604 | https://vulners.com/cve/CVE-2021-35604 | |
CVE | CVE-2021-46657 | https://vulners.com/cve/CVE-2021-46657 | |
CVE | CVE-2021-46658 | https://vulners.com/cve/CVE-2021-46658 | |
CVE | CVE-2021-46662 | https://vulners.com/cve/CVE-2021-46662 | |
CVE | CVE-2021-46666 | https://vulners.com/cve/CVE-2021-46666 | |
CVE | CVE-2021-46667 | https://vulners.com/cve/CVE-2021-46667 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/almalinux/mariadb?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-test?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-test | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-test?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-test | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-test?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-test | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-server?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-server | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-server?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-server | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-server?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-server | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-server-utils?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-server-utils | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-server-utils?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-server-utils | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-server-utils?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-server-utils | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-server-galera?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-server-galera | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-server-galera?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-server-galera | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-server-galera?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-server-galera | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-pam?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-pam | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-pam?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-pam | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-pam?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-pam | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-oqgraph-engine?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-oqgraph-engine | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-oqgraph-engine?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-oqgraph-engine | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-oqgraph-engine?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-oqgraph-engine | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-gssapi-server?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-gssapi-server | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-gssapi-server?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-gssapi-server | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-gssapi-server?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-gssapi-server | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-errmsg?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-errmsg | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-errmsg?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-errmsg | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-errmsg?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-errmsg | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-embedded?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-embedded | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-embedded?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-embedded | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-embedded?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-embedded | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-embedded-devel?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-embedded-devel | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-embedded-devel?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-embedded-devel | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-embedded-devel?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-embedded-devel | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-devel?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-devel | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-devel?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-devel | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-devel?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-devel | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-common?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-common | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-common?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-common | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-common?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-common | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/mariadb-backup?arch=x86_64&distro=almalinux-8.6 | almalinux | mariadb-backup | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-backup?arch=x86_64&distro=almalinux-8.5 | almalinux | mariadb-backup | < 10.5.13-1.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/mariadb-backup?arch=aarch64&distro=almalinux-8.6 | almalinux | mariadb-backup | < 10.5.13-1.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/Judy?arch=x86_64&distro=almalinux-8.6 | almalinux | Judy | < 1.0.5-18.module_el8.6.0+2867+72759d2f | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/Judy?arch=x86_64&distro=almalinux-8.5 | almalinux | Judy | < 1.0.5-18.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/Judy?arch=aarch64&distro=almalinux-8.6 | almalinux | Judy | < 1.0.5-18.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 | |
Affected | pkg:rpm/almalinux/galera?arch=x86_64&distro=almalinux-8.6 | almalinux | galera | < 26.4.9-4.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | x86_64 | |
Affected | pkg:rpm/almalinux/galera?arch=x86_64&distro=almalinux-8.5 | almalinux | galera | < 26.4.9-4.module_el8.5.0+2637+d11efe18 | almalinux-8.5 | x86_64 | |
Affected | pkg:rpm/almalinux/galera?arch=aarch64&distro=almalinux-8.6 | almalinux | galera | < 26.4.9-4.module_el8.6.0+2761+593e5e59 | almalinux-8.6 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |