[ELSA-2020-5500] mariadb:10.3 security, bug fix, and enhancement update

Severity Important

Affected Packages 17

CVEs 14

asio
[1.10.8-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[1.10.8-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

[1.10.8-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

[1.10.8-4]
- Rebuilt for Boost 1.64

[1.10.8-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

[1.10.8-2]
- Rebuilt for Boost 1.63

[1.10.8-1]
- Update to 1.10.8

[1.10.7-1]
- Update to 1.10.7

[1.10.6-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

[1.10.6-6]
- Rebuilt for Boost 1.60

[1.10.6-5]
- Remove useless pieces of the spec
- Conform to more recent SPEC style
- Fix date in changelog that was giving warnings

[1.10.6-4]
- Move from define to global

[1.10.6-3]
- Rebuilt for Boost 1.59

[1.10.6-2]
- Rebuilt for https://fedoraproject.org/wiki/Changes/F23Boost159

[-1.10.6-1]
- Update to 1.10.6 version

[1.10.4-5]
- rebuild for Boost 1.58

[1.10.4-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

[1.10.4-3]
- Rebuild for boost 1.57.0

[1.10.4-2]
- Forgot to update the commit id

[1.10.4-1]
- Update to 1.10.4 version

[1.10.3-1]
- Update to 1.10.3 version

[1.4.8-9]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

[1.4.8-8]
- Rebuild for boost 1.55.0

[1.4.8-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

[1.4.8-6]
- Rebuild for boost 1.54.0

[1.4.8-5]
- Rebuild for Boost-1.53.0

[1.4.8-4]
- Rebuild for Boost-1.53.0

[1.4.8-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

[1.4.8-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

[1.4.8-1]
- Update to 1.4.8 bugfix release

[1.4.1-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

[1.4.1-3]
- fix FTBFS #538893 and #599857 (patch by Petr Machata)

[1.4.1-2]
- The tarball is now a gzip archive

[1.4.1-1]
- New upstream release

[1.2.0-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

[1.2.0-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

[1.2.0-1]
- New upstream release

galera
[25.3.31-1]
- Rebase to 25.3.31
Resolves: #1731289, #1856812

Judy
mariadb
[3:10.3.27-3]
- Remove mariadb_rpl.h from includedir
This file is shipped in mariadb-connector-c package
- Require matching version of mariadb-connector-c package

[3:10.3.27-2]
- Disable building of the ed25519 client plugin.
From now on it will be shipped by 'mariadb-connector-c' package

[3:10.3.27-1]
- Rebase to 10.3.27
- mariadb-debug_build.patch is no more needed, upstream did the changes:
https://github.com/MariaDB/server/commit/31eaa2029f3c2a4f8e5609ce8b87682286238d9a#diff-32766783af7cac683980224d63c59929
https://github.com/MariaDB/server/commit/23c6fb3e6231b8939331e2d9f157092f24ed8f4f#diff-78f3162f137407db5240950beb2bcd7c

[3:10.3.23-1]
- Rebase to 10.3.23
- Make conflicts between corresponding mariadb and mysql packages explicit
- Get rid of the Conflicts macro, it was intended to mark conflicts with
upstream packages
Resolves: #1853159

[3:10.3.22-1]
- Rebase to 10.3.22

[3:10.3.21-1]
- Rebase to 10.3.21

[3:10.3.20-2]
- Change path of groonga's packaged files
- Fix bz#1763287

[3:10.3.20-1]
- Rebase to 10.3.20
- NOTE: 10.3.19 was deleted by upstream

[3:10.3.18-1]
- Rebase to 10.3.18

[3:10.3.17-2]
- Fix the debug build

Package	Affected Version
pkg:rpm/oraclelinux/mariadb?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-test?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-server?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-server-utils?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-server-galera?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-oqgraph-engine?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-gssapi-server?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-errmsg?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-embedded?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-embedded-devel?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-devel?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-common?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/mariadb-backup?distro=oraclelinux-8.3	< 10.3.27-3.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/Judy?distro=oraclelinux-8.1	< 1.0.5-18.module+el8.1.0+5402+691bd77e
pkg:rpm/oraclelinux/Judy-devel?distro=oraclelinux-8.1	< 1.0.5-18.module+el8.1.0+5402+691bd77e
pkg:rpm/oraclelinux/galera?distro=oraclelinux-8.3	< 25.3.31-1.module+el8.3.0+7885+7a81225f
pkg:rpm/oraclelinux/asio-devel?distro=oraclelinux-8.1	< 1.10.8-7.module+el8.1.0+5402+691bd77e

ID

ELSA-2020-5500

Severity

important

URL

https://linux.oracle.com/errata/ELSA-2020-5500.html

Published

2020-12-18T00:00:00
(3 years ago)

Modified

2020-12-18T00:00:00
(3 years ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2020-5500	https://linux.oracle.com/errata/ELSA-2020-5500.html
CVE	CVE-2019-2938	https://linux.oracle.com/cve/CVE-2019-2938.html
CVE	CVE-2019-2974	https://linux.oracle.com/cve/CVE-2019-2974.html
CVE	CVE-2020-2574	https://linux.oracle.com/cve/CVE-2020-2574.html
CVE	CVE-2020-2752	https://linux.oracle.com/cve/CVE-2020-2752.html
CVE	CVE-2020-2760	https://linux.oracle.com/cve/CVE-2020-2760.html
CVE	CVE-2020-2780	https://linux.oracle.com/cve/CVE-2020-2780.html
CVE	CVE-2020-2812	https://linux.oracle.com/cve/CVE-2020-2812.html
CVE	CVE-2020-2814	https://linux.oracle.com/cve/CVE-2020-2814.html
CVE	CVE-2020-14765	https://linux.oracle.com/cve/CVE-2020-14765.html
CVE	CVE-2020-14776	https://linux.oracle.com/cve/CVE-2020-14776.html
CVE	CVE-2020-14812	https://linux.oracle.com/cve/CVE-2020-14812.html
CVE	CVE-2020-13249	https://linux.oracle.com/cve/CVE-2020-13249.html
CVE	CVE-2020-14789	https://linux.oracle.com/cve/CVE-2020-14789.html
CVE	CVE-2020-15180	https://linux.oracle.com/cve/CVE-2020-15180.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/mariadb?distro=oraclelinux-8.3	oraclelinux	mariadb	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-test?distro=oraclelinux-8.3	oraclelinux	mariadb-test	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-server?distro=oraclelinux-8.3	oraclelinux	mariadb-server	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-server-utils?distro=oraclelinux-8.3	oraclelinux	mariadb-server-utils	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-server-galera?distro=oraclelinux-8.3	oraclelinux	mariadb-server-galera	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-oqgraph-engine?distro=oraclelinux-8.3	oraclelinux	mariadb-oqgraph-engine	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-gssapi-server?distro=oraclelinux-8.3	oraclelinux	mariadb-gssapi-server	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-errmsg?distro=oraclelinux-8.3	oraclelinux	mariadb-errmsg	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-embedded?distro=oraclelinux-8.3	oraclelinux	mariadb-embedded	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-embedded-devel?distro=oraclelinux-8.3	oraclelinux	mariadb-embedded-devel	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-devel?distro=oraclelinux-8.3	oraclelinux	mariadb-devel	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-common?distro=oraclelinux-8.3	oraclelinux	mariadb-common	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/mariadb-backup?distro=oraclelinux-8.3	oraclelinux	mariadb-backup	< 10.3.27-3.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/Judy?distro=oraclelinux-8.1	oraclelinux	Judy	< 1.0.5-18.module+el8.1.0+5402+691bd77e	oraclelinux-8.1
Affected	pkg:rpm/oraclelinux/Judy-devel?distro=oraclelinux-8.1	oraclelinux	Judy-devel	< 1.0.5-18.module+el8.1.0+5402+691bd77e	oraclelinux-8.1
Affected	pkg:rpm/oraclelinux/galera?distro=oraclelinux-8.3	oraclelinux	galera	< 25.3.31-1.module+el8.3.0+7885+7a81225f	oraclelinux-8.3
Affected	pkg:rpm/oraclelinux/asio-devel?distro=oraclelinux-8.1	oraclelinux	asio-devel	< 1.10.8-7.module+el8.1.0+5402+691bd77e	oraclelinux-8.1

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date