UbuntuUpdates.org

Package "mariadb-server"

Name: mariadb-server

Description:

MariaDB database server (metapackage depending on the latest version)

Latest version: 1:10.1.48-0ubuntu0.18.04.1
Release: bionic (18.04)
Level: security
Repository: universe
Head package: mariadb-10.1
Homepage: https://mariadb.org/

Links


Download "mariadb-server"


Other versions of "mariadb-server" in Bionic

Repository Area Version
base universe 1:10.1.29-6
updates universe 1:10.1.48-0ubuntu0.18.04.1

Changelog

Version: 1:10.1.48-0ubuntu0.18.04.1 2021-05-11 21:06:24 UTC

  mariadb-10.1 (1:10.1.48-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: New upstream version 10.1.48 includes fixes for the
    following security vulnerabilities (LP: #1926926):
    - CVE-2020-14765
    - CVE-2020-14812
    - CVE-2020-28912
  * Additional backported fix for CVE-2021-27928:
    - Make @@wsrep_provider and @@wsrep_notify_cmd read-only

 -- Otto Kekäläinen <email address hidden> Sun, 02 May 2021 18:40:30 -0700

Source diff to previous version
1926926 CVE-2021-27928 et al affects MariaDB in Ubuntu
CVE-2020-14765 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior, 5.7.31
CVE-2020-14812 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior, 5.
CVE-2020-28912 With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to
CVE-2021-27928 A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percon

Version: 1:10.1.47-0ubuntu0.18.04.1 2020-10-26 21:06:19 UTC

  mariadb-10.1 (1:10.1.47-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: New upstream version 10.1.47 includes fixes for the
    following security vulnerabilities (LP: #1899500):
    - CVE-2020-15180
  * Includes previous upstream version 10.1.45 which has the fixes for
    the following security vulnerabilities:
    - CVE-2020-2814
    - CVE-2020-2812
    - CVE-2020-2752

 -- Otto Kekäläinen <email address hidden> Mon, 12 Oct 2020 19:24:44 +0300

Source diff to previous version
CVE-2020-2814 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and
CVE-2020-2812 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and
CVE-2020-2752 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and p

Version: 1:10.1.44-0ubuntu0.18.04.1 2020-02-06 21:06:26 UTC

  mariadb-10.1 (1:10.1.44-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: New upstream version 10.1.44 includes fixes for the
    following security vulnerabilities (LP: #1861260):
    - CVE-2020-2574
  * Limit scope of test suite to avoid unnecessary test failures

 -- Otto Kekäläinen <email address hidden> Thu, 30 Jan 2020 09:25:09 +0200

Source diff to previous version
1861260 USN-4250-1 also affects MariaDB
CVE-2020-2574 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and p

Version: 1:10.1.43-0ubuntu0.18.04.1 2019-11-19 19:07:25 UTC

  mariadb-10.1 (1:10.1.43-0ubuntu0.18.04.1) bionic-security; urgency=high

  * SECURITY UPDATE: New upstream version 10.1.43 includes a fix for a
    regression introduced in the previous release:
    - MDEV-20987: InnoDB fails to start when FTS table has FK relation
    Previous release 10.1.41 includes fix for the following security
    vulnerability (LP: #1852109):
    - CVE-2019-2974

 -- Otto Kekäläinen <email address hidden> Mon, 11 Nov 2019 18:49:05 +0100

Source diff to previous version
1852109 USN-4195-1 also affects MariaDB
CVE-2019-2974 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior,

Version: 1:10.1.41-0ubuntu0.18.04.1 2019-08-13 19:07:16 UTC

  mariadb-10.1 (1:10.1.41-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: New upstream version 10.1.41. Includes fixes for the
    following security vulnerabilities (LP: #1837770):
    - CVE-2019-2737
    - CVE-2019-2739
    - CVE-2019-2740
    - CVE-2019-2805

 -- Otto Kekäläinen <email address hidden> Fri, 02 Aug 2019 18:10:23 +0100

1837770 july 2019 cpu probably applies
CVE-2019-2737 Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...
CVE-2019-2739 Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...
CVE-2019-2740 Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...
CVE-2019-2805 Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...



About   -   Send Feedback to @ubuntu_updates