Overview

File _patchinfo of Package patchinfo.25681

<patchinfo incident="25681">
  <issue tracker="cve" id="2022-32086"/>
  <issue tracker="cve" id="2022-32091"/>
  <issue tracker="cve" id="2022-32084"/>
  <issue tracker="cve" id="2022-32089"/>
  <issue tracker="cve" id="2018-25032"/>
  <issue tracker="cve" id="2022-32085"/>
  <issue tracker="cve" id="2022-32083"/>
  <issue tracker="cve" id="2022-32088"/>
  <issue tracker="cve" id="2022-32081"/>
  <issue tracker="cve" id="2022-32087"/>
  <issue tracker="bnc" id="1201168">VUL-0: CVE-2022-32088: mariadb: segmentation fault via the component Exec_time_tracker:get_loops/Filesort_tracker:report_use/filesort</issue>
  <issue tracker="bnc" id="1197459">VUL-0: CVE-2018-25032: zlib: memory corruption on deflate (i.e. compress)</issue>
  <issue tracker="bnc" id="1201169">VUL-0: CVE-2022-32089: mariadb: segmentation fault via the component st_select_lex_unit:exclude_level</issue>
  <issue tracker="bnc" id="1201165">VUL-0: CVE-2022-32085: mariadb: segmentation fault via the component Item_func_in:cleanup/Item:cleanup_processor</issue>
  <issue tracker="bnc" id="1201170">VUL-0: CVE-2022-32091: mariadb: use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc</issue>
  <issue tracker="bnc" id="1201166">VUL-0: CVE-2022-32086: mariadb: segmentation fault via the component Item_field:fix_outer_field</issue>
  <issue tracker="bnc" id="1201167">VUL-0: CVE-2022-32087: mariadb: segmentation fault via the component Item_args:walk_args</issue>
  <issue tracker="bnc" id="1201161">VUL-0: CVE-2022-32081: mariadb: use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc</issue>
  <issue tracker="bnc" id="1201164">VUL-0: CVE-2022-32084: mariadb: segmentation fault via the component sub_select</issue>
  <issue tracker="bnc" id="1200105">/usr/lib/mysql/mysql-systemd-helper is unaware of custom group, therfore Operation not permitted for chown command</issue>
  <issue tracker="bnc" id="1201163">VUL-0: CVE-2022-32083: mariadb: segmentation fault via the component Item_subselect:init_expr_cache_tracker</issue>
  <packager>dspinella</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for mariadb</summary>
  <description>This update for mariadb fixes the following issues:

Update to 10.4.26:

- CVE-2022-32089 (bsc#1201169)
- CVE-2022-32081 (bsc#1201161)
- CVE-2022-32091 (bsc#1201170)
- CVE-2022-32084 (bsc#1201164)
- CVE-2018-25032 (bsc#1197459)
- CVE-2022-32088 (bsc#1201168)
- CVE-2022-32087 (bsc#1201167)
- CVE-2022-32086 (bsc#1201166)
- CVE-2022-32085 (bsc#1201165)
- CVE-2022-32083 (bsc#1201163)

Bugfixes:

- Update mysql-systemd-helper to be aware of custom group (bsc#1200105).

External references:

- https://mariadb.com/kb/en/library/mariadb-10426-release-notes
- https://mariadb.com/kb/en/library/mariadb-10426-changelog
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places