Overview

File _patchinfo of Package patchinfo.24417

<patchinfo incident="24417">
  <issue tracker="bnc" id="1198628">VUL-0: CVE-2022-27376: mariadb,mariadb-100: use-after-free in the component Item_args:walk_arg</issue>
  <issue tracker="bnc" id="1198605">VUL-0: CVE-2022-27379: mariadb,mariadb-100: server crash in component Arg_comparator:compare_real_fixed</issue>
  <issue tracker="bnc" id="1198636">VUL-0: CVE-2022-27457: mariadb,mariadb-100: Use-After-Free in strings/ctype-latin1.c</issue>
  <issue tracker="bnc" id="1198633">VUL-0: CVE-2022-27449: mariadb-100,mariadb: Segmentation Fault in sql/item_func.cc</issue>
  <issue tracker="bnc" id="1198632">VUL-0: CVE-2022-27448: mariadb-100,mariadb: Assertation Failure in row/row0mysql.cc</issue>
  <issue tracker="bnc" id="1198637">VUL-0: CVE-2022-27458: mariadb,mariadb-100: Use-After-Free in sql/sql_string.h</issue>
  <issue tracker="bnc" id="1198609">VUL-0: CVE-2022-27382: mariadb,mariadb-100: SEGV via component Item_field:used_tables/update_depend_map_for_order or Assertion `fixed == 1'</issue>
  <issue tracker="bnc" id="1198639">VUL-0: CVE-2022-27451: mariadb,mariadb-100: segmentation fault in sql/field_conv.cc</issue>
  <issue tracker="bnc" id="1198606">VUL-0: CVE-2022-27380: mariadb,mariadb-100: server crash at my_decimal:operator=</issue>
  <issue tracker="bnc" id="1198640">VUL-0: CVE-2022-27452: mariadb,mariadb-100: MariaDB: a segmentation fault in sql/item_cmpfunc.cc</issue>
  <issue tracker="bnc" id="1198610">VUL-0: CVE-2022-27383: mariadb,mariadb-100: use-after-free in my_strcasecmp_8bit() of ctype-simple.c</issue>
  <issue tracker="bnc" id="1198630">VUL-0: CVE-2022-27446: mariadb-100,mariadb: Segmentation Fault in sql/item_cmpfunc.h</issue>
  <issue tracker="bnc" id="1198634">VUL-0: CVE-2022-27444: mariadb-100,mariadb: Segmentation Fault in sql/item_subselect.cc</issue>
  <issue tracker="bnc" id="1198631">VUL-0: CVE-2022-27447: mariadb-100,mariadb: Use-After-Free in sql/sql_string.h</issue>
  <issue tracker="bnc" id="1198629">VUL-0: CVE-2022-27445: mariadb-100,mariadb: Segmentation Fault in sql/sql_window.cc</issue>
  <issue tracker="bnc" id="1198607">VUL-0: CVE-2022-27381: mariadb,mariadb-100: server crash at Field:set_default via specially crafted SQL statements.</issue>
  <issue tracker="bnc" id="1198635">VUL-0: CVE-2022-27456: mariadb,mariadb-100: Use-After-Free in sql/sql_type.cc</issue>
  <issue tracker="bnc" id="1198603">VUL-0: CVE-2022-27377: mariadb,mariadb-100: use-after-free in the component Item_func_in:cleanup() of item_cmpfunc.h</issue>
  <issue tracker="bnc" id="1198612">VUL-0: CVE-2022-27386: mariadb,mariadb-100: SEGV via the component sql/sql_class.cc.</issue>
  <issue tracker="bnc" id="1199928">VUL-0: mariadb,mariadb-100: Fixed multiple vulnerabilities</issue>
  <issue tracker="bnc" id="1198613">VUL-0: CVE-2022-27387: mariadb,mariadb-100: global-buffer-overflow in decimal_bin_size of decimal.c</issue>
  <issue tracker="bnc" id="1198604">VUL-0: CVE-2022-27378: mariadb,mariadb-100:  server crash in Create_tmp_table:finalize</issue>
  <issue tracker="bnc" id="1198611">VUL-0: CVE-2022-27384: mariadb,mariadb-100: crash via component Item_subselect:init_expr_cache_tracker</issue>
  <issue tracker="bnc" id="1198638">VUL-0: CVE-2022-27455: mariadb,mariadb-100: MariaDB: Use-After-Free in strings/ctype-simple.c</issue>
  <issue tracker="cve" id="2022-27446"/>
  <issue tracker="cve" id="2022-27384"/>
  <issue tracker="cve" id="2022-27448"/>
  <issue tracker="cve" id="2022-27452"/>
  <issue tracker="cve" id="2022-27386"/>
  <issue tracker="cve" id="2022-27381"/>
  <issue tracker="cve" id="2022-27383"/>
  <issue tracker="cve" id="2022-27444"/>
  <issue tracker="cve" id="2021-46669"/>
  <issue tracker="cve" id="2022-21427"/>
  <issue tracker="cve" id="2022-27447"/>
  <issue tracker="cve" id="2022-27451"/>
  <issue tracker="cve" id="2022-27458"/>
  <issue tracker="cve" id="2022-27457"/>
  <issue tracker="cve" id="2022-27449"/>
  <issue tracker="cve" id="2022-27376"/>
  <issue tracker="cve" id="2022-27380"/>
  <issue tracker="cve" id="2022-27377"/>
  <issue tracker="cve" id="2022-27445"/>
  <issue tracker="cve" id="2022-27455"/>
  <issue tracker="cve" id="2022-27379"/>
  <issue tracker="cve" id="2022-27456"/>
  <issue tracker="cve" id="2022-27378"/>
  <issue tracker="cve" id="2022-27387"/>
  <issue tracker="cve" id="2022-27382"/>
  <packager>dspinella</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for mariadb</summary>
  <description>This update for mariadb fixes the following issues:

Update to 10.5.16 (bsc#1199928):

- CVE-2021-46669 (bsc#1199928)
- CVE-2022-27376 (bsc#1198628)
- CVE-2022-27377 (bsc#1198603)
- CVE-2022-27378 (bsc#1198604)
- CVE-2022-27379 (bsc#1198605)
- CVE-2022-27380 (bsc#1198606)
- CVE-2022-27381 (bsc#1198607)
- CVE-2022-27382 (bsc#1198609)
- CVE-2022-27383 (bsc#1198610)
- CVE-2022-27384 (bsc#1198611)
- CVE-2022-27386 (bsc#1198612)
- CVE-2022-27387 (bsc#1198613)
- CVE-2022-27444 (bsc#1198634)
- CVE-2022-27445 (bsc#1198629)
- CVE-2022-27446 (bsc#1198630)
- CVE-2022-27447 (bsc#1198631)
- CVE-2022-27448 (bsc#1198632)
- CVE-2022-27449 (bsc#1198633)
- CVE-2022-27451 (bsc#1198639)
- CVE-2022-27452 (bsc#1198640)
- CVE-2022-27455 (bsc#1198638)
- CVE-2022-27456 (bsc#1198635)
- CVE-2022-27457 (bsc#1198636)
- CVE-2022-27458 (bsc#1198637)

- The following issue is not affecting this package: CVE-2022-21427
  
External refernences:

- https://mariadb.com/kb/en/library/mariadb-10516-release-notes
- https://mariadb.com/kb/en/library/mariadb-10516-changelog
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places