[SECURITY] [DLA 3444-1] mariadb-10.3 security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3444-1] mariadb-10.3 security update
From: Otto Kekalainen <otto@debian.org>
Date: Sat, 03 Jun 2023 23:56:11 -0700
Message-id: <[🔎] 1685861771.609169.20087.nullmailer@XPS-13-9370>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3444-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Otto KekÃ¤lÃ¤inen
June 03, 2023                                 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : mariadb-10.3
Version        : 1:10.3.39-0+deb10u1
CVE ID         : CVE-2022-47015
Debian Bug     : 1034889

Latest MariaDB minor maintenance release 10.3.39 included a fix for the
following security vulnerability:

CVE-2022-47015

    Spider storage engine vulnerable to Denial of Service

For Debian 10 buster, this problem has been fixed in version
1:10.3.39-0+deb10u1.

Additionally the backwards incompatible libmariadb API change has
been reverted (Closes: #1031773).

We recommend that you upgrade your mariadb-10.3 packages.

For the detailed security status of mariadb-10.3 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mariadb-10.3

Note! According to https://mariadb.org/about/#maintenance-policy this
was the last minor maintenance release for MariaDB 10.3 series.


Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmbRSsR88dMO0U+RvvthEn87o2ogFAmR8NOwACgkQvthEn87o
2ojY8g/9EFfktd26pC/yrzWnXHCM+kDzHw1jdXKKgl89ndN/9cEXEh0Sj9okQkDU
9SniYtg/w4qcfdOxHu6k6bWfIyMtNPSS/kfk54PRTm+EEIowwOYLYGRTP1RjLNQL
X9N+LzTRt34coiNnSjYPue08bJe4Qg8ugyMInqhXIvmZXc47jwl2frTFdbQzeWFH
bL6GIOgbK4U5SgfLQwdPjluUF0XOxv8t2fJWvZfijicO9LgdfxKg+axiHnDJaqNx
3jb6C/HSdp+AGx0IQ2EN10Lv9XdTd6oldOCw7IGxVTeuhtP+pT4Nfbx3L/oFr3Iv
IXYNJVNtMaLgQcFE8POY395U6cE+ZgSkyHqBwYtlZ5uFfsJqF/t2rWgUs+Bu39c0
Cd6OgSNsPhgorbVt4g6p2/f9pBtNAt0a8VoR8jJAidkdznWrKDDmvY4lK1ecikv8
OS8K596u6cByolu4hDcHF4z5MRk1GXI1wMuj6G1Q/aQdjH/0D01wx6caN/xtxy11
UZUSuhqj+Ynn6rcZiLuuRHr34X3LZrLZT2xbVRAShTw9/xickfQO59QLJE0fofWv
XAXsTVBKZ3wB2j71Rz8Zt/XfCWdxMwI+Dd8T5n8AqiGPzjDdUOKS1U2ZKTVL4nf5
a7qGSDBl1st2nE05D5hoGdh+0/NIGgUyTTfQJN4KiqRKeOFSyJI=
=wgVz
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3444-1] mariadb-10.3 security update
Next by Date: [SECURITY] [DLA 3445-1] cpio security update
Previous by thread: [SECURITY] [DLA 3444-1] mariadb-10.3 security update
Next by thread: [SECURITY] [DLA 3445-1] cpio security update
Index(es):
- Date
- Thread