Overview

File _patchinfo of Package patchinfo.21333

<patchinfo incident="21333">
  <issue tracker="bnc" id="1173028">mariadb is not packaged properly according to systemd devs</issue>
  <issue tracker="bnc" id="1186031">server:database/mariadb: feature request innodb lz4 support </issue>
  <issue tracker="bnc" id="1192497">VUL-0: CVE-2021-35604: mysql,mariadb,mariadb-100: InnoDB allows high privileged attacker with network access via multiple protocols to compromise MySQL Server</issue>
  <issue tracker="cve" id="2021-35604"/>
  <packager>dspinella</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for mariadb</summary>
  <description>This update for mariadb fixes the following issue:
    
- Update to 10.2.41:
- CVE-2021-35604: Fixed InnoDB vulnerability that allowed an high privileged attacker with network access via multiple protocols to compromise MySQL (bsc#1192497).
    
- Add missing dependency to liblz4 to enable lz4 compression for INNODB (bsc#1186031). 
- Add a 'mysql-user.conf' file to let 'systemd' generate mysql user in containers. (bsc#1173028)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places