Overview

File _patchinfo of Package patchinfo.14140

<patchinfo incident="14140">
  <issue tracker="bnc" id="1160878">AUDIT-FIND: mariadb: SUSE systemd service unit is missing features that upstream uses</issue>
  <issue tracker="bnc" id="1160883">AUDIT-FIND: mariadb: mysql-systemd-helper performs operations redundant to systemd-tmpfiles configuration</issue>
  <issue tracker="bnc" id="1160895">VUL-0: CVE-2019-18901: mariadb: mysql-systemd-helper: race condition with mysql_upgrade_info</issue>
  <issue tracker="bnc" id="1160912">VUL-0: mariadb: chmod in %post in user controlled directory</issue>
  <issue tracker="bnc" id="1162388">VUL-0: CVE-2020-2574: mariadb: 10.2.31 release</issue>
  <issue tracker="cve" id="2019-18901"/>
  <issue tracker="cve" id="2020-2574"/>
  <packager>kstreitova</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for mariadb</summary>
  <description>This update for mariadb fixes the following issues:

MariaDB was updated to version 10.2.31 GA (bsc#1162388).

Security issues fixed:

- CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client (bsc#1162388).
- CVE-2019-18901: Fixed an unsafe path handling behavior in mysql-systemd-helper (bsc#1160895).
- Enabled security hardenings in MariaDB's systemd service, namely ProtectSystem, ProtectHome and UMask (bsc#1160878).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places