UbuntuUpdates.org

Package "mariadb-plugin-cracklib-password-check"

Name: mariadb-plugin-cracklib-password-check

Description:

CrackLib Password Validation Plugin for MariaDB
Latest version: 1:10.6.22-0ubuntu0.22.04.1
Release: jammy (22.04)
Level: security
Repository: universe
Head package: mariadb-10.6
Homepage: https://mariadb.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "mariadb-plugin-cracklib-password-check"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "mariadb-plugin-cracklib-password-check" in Jammy

Repository Area Version
base universe 1:10.6.7-2ubuntu1
updates universe 1:10.6.22-0ubuntu0.22.04.1

Changelog

Version: 1:10.6.22-0ubuntu0.22.04.1 2025-05-20 13:07:28 UTC

  mariadb-10.6 (1:10.6.22-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: New upstream version 10.6.22 includes fixes for regressions
    as noted at https://mariadb.com/kb/en/mariadb-10-6-22-release-notes/ and
    also fixes the following security vulnerabilities (LP: #2110070):
    - CVE-2023-52969
    - CVE-2023-52970
    - CVE-2025-30693
    - CVE-2025-30722
  * Fix changelog entry formatting in 1:10.6.21-0ubuntu0.22.04.1
  * Drop all three patches previously backported to 1:10.6.21-0ubuntu0.22.04.2
    now in upstream release

 -- Otto Kekäläinen <email address hidden> Tue, 06 May 2025 22:33:59 -0700
Source diff to previous version
2110070 CVE-2025-30722 et al affects MariaDB in Ubuntu
CVE-2023-52969 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace lo
CVE-2023-52970 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_vi
CVE-2025-30693 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 an
CVE-2025-30722 Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4

Version: 1:10.6.21-0ubuntu0.22.04.2 2025-03-31 16:07:32 UTC

  mariadb-10.6 (1:10.6.21-0ubuntu0.22.04.2) jammy-security; urgency=medium

  * Fix building with Clang on RISC-V to unblock the promotion of the
    10.6.21 upstate to Ubuntu 22.04 "Jammy"
  * Backport upstream fix for INSERT SELECT on NOT NULL (Closes: #1099515)
    to fix severe regression in 10.6.21
  * Add patch to remove unnecessary capabilities from AmbientCapabilities
    to mitigate potential security issue in a change in 10.6.21

 -- Otto Kekäläinen <email address hidden> Fri, 21 Mar 2025 12:22:19 -0700
Source diff to previous version
1099515 mariadb-server: Error with INSERT SELECT on NOT NULL columns while having BEFORE UPDATE trigger

Version: 1:10.6.18-0ubuntu0.22.04.1 2024-06-19 09:07:09 UTC

  mariadb-10.6 (1:10.6.18-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * Update gdb.conf to be aligned with other branches and easier to maintain
  * Update upstream signing key
  * SECURITY UPDATE: New upstream version 10.6.18 includes fixes for regressions
    as noted at https://mariadb.com/kb/en/mariadb-10-6-18-release-notes/ and
    also fixes the following security vulnerabilities (LP: #2067125):
    - CVE-2024-21096
  * Remove libmariadb file no longer present in MariaDB Connector C v3.3
  * Fix failing build by including wsrep_sst_backup man page
  * Add patch to partially revert upstream c432c9ef (Closes: #1063738)

 -- Otto Kekäläinen <email address hidden> Sat, 25 May 2024 14:07:17 -0700
Source diff to previous version
2067125 CVE-2024-21096 et al affects MariaDB in Ubuntu
1063738 mariadb: FTBFS on armel, armhf, powerpc, x32, hppa: size of array compile_time_assert is negative
CVE-2024-21096 Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior

Version: 1:10.6.16-0ubuntu0.22.04.1 2024-01-25 16:12:36 UTC

  mariadb-10.6 (1:10.6.16-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: New upstream version 10.6.16includes fixes for the
    following security vulnerabilities (LP: #2045452):
    - CVE-2023-22084
  * Previous upstream version 10.6.13 included security fixes for:
    - CVE-2022-47015
  * Include new test plugin file and header file
  * Update libmariadb3.symbols to include new ABI changes in 3.3.5
    and fix DPKG_GENSYMBOLS_CHECK_LEVEL so it actually takes effect and in
    build will properly fail if there are unaccounted symbol changes in
    future upstream maintenance releases
  * For details, see https://mariadb.com/kb/en/mariadb-10-6-16-release-notes/
    and previous upstream release notes

 -- Otto Kekäläinen <email address hidden> Fri, 01 Dec 2023 19:44:37 -0800
Source diff to previous version
2045452 CVE-2022-47015 et al affects MariaDB in Ubuntu
CVE-2023-22084 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and
CVE-2022-47015 MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to derefere

Version: 1:10.6.12-0ubuntu0.22.04.1 2023-02-22 12:06:52 UTC

  mariadb-10.6 (1:10.6.12-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * New upstream version 10.6.12. Includes fix for a major
    performance/memory consumption issue (MDEV-29988) (LP: #2006882).
  * Move my_print_defaults to MariaDB client core package (LP: #1997880)

 -- Otto Kekäläinen <email address hidden> Thu, 09 Feb 2023 22:57:07 -0800
2006882 MDEV-29988 affects MariaDB in Ubuntu
1997880 package mariadb-server-core-10.6 1:10.6.11-0ubuntu0.22.04.1 failed to install/upgrade: pr\u00f8ver \u00e5 skrive over \u00ab/usr/bin/my_print_default


About   -   Send Feedback to @ubuntu_updates