File _patchinfo of Package patchinfo.21333
<patchinfo incident="21333">
<issue tracker="bnc" id="1173028">mariadb is not packaged properly according to systemd devs</issue>
<issue tracker="bnc" id="1186031">server:database/mariadb: feature request innodb lz4 support </issue>
<issue tracker="bnc" id="1192497">VUL-0: CVE-2021-35604: mysql,mariadb,mariadb-100: InnoDB allows high privileged attacker with network access via multiple protocols to compromise MySQL Server</issue>
<issue tracker="cve" id="2021-35604"/>
<packager>dspinella</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for mariadb</summary>
<description>This update for mariadb fixes the following issue:
- Update to 10.2.41:
- CVE-2021-35604: Fixed InnoDB vulnerability that allowed an high privileged attacker with network access via multiple protocols to compromise MySQL (bsc#1192497).
- Add missing dependency to liblz4 to enable lz4 compression for INNODB (bsc#1186031).
- Add a 'mysql-user.conf' file to let 'systemd' generate mysql user in containers. (bsc#1173028)
</description>
</patchinfo>