File _patchinfo of Package patchinfo.25660
<patchinfo incident="25660"> <issue tracker="cve" id="2022-32087"/> <issue tracker="cve" id="2022-32086"/> <issue tracker="cve" id="2022-32083"/> <issue tracker="cve" id="2022-32089"/> <issue tracker="cve" id="2022-32084"/> <issue tracker="cve" id="2022-32085"/> <issue tracker="cve" id="2022-32082"/> <issue tracker="cve" id="2022-32091"/> <issue tracker="cve" id="2022-32081"/> <issue tracker="cve" id="2022-32088"/> <issue tracker="bnc" id="1201163">VUL-0: CVE-2022-32083: mariadb: segmentation fault via the component Item_subselect:init_expr_cache_tracker</issue> <issue tracker="bnc" id="1201167">VUL-0: CVE-2022-32087: mariadb: segmentation fault via the component Item_args:walk_args</issue> <issue tracker="bnc" id="1201170">VUL-0: CVE-2022-32091: mariadb: use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc</issue> <issue tracker="bnc" id="1201168">VUL-0: CVE-2022-32088: mariadb: segmentation fault via the component Exec_time_tracker:get_loops/Filesort_tracker:report_use/filesort</issue> <issue tracker="bnc" id="1201162">VUL-0: CVE-2022-32082: mariadb: assertion failure at table->get_ref_count() == 0 in dict0dict.cc</issue> <issue tracker="bnc" id="1201164">VUL-0: CVE-2022-32084: mariadb: segmentation fault via the component sub_select</issue> <issue tracker="bnc" id="1201161">VUL-0: CVE-2022-32081: mariadb: use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc</issue> <issue tracker="bnc" id="1201166">VUL-0: CVE-2022-32086: mariadb: segmentation fault via the component Item_field:fix_outer_field</issue> <issue tracker="bnc" id="1201165">VUL-0: CVE-2022-32085: mariadb: segmentation fault via the component Item_func_in:cleanup/Item:cleanup_processor</issue> <issue tracker="bnc" id="1201169">VUL-0: CVE-2022-32089: mariadb: segmentation fault via the component st_select_lex_unit:exclude_level</issue> <packager>dspinella</packager> <issue tracker="bnc" id="1200105">/usr/lib/mysql/mysql-systemd-helper is unaware of custom group, therfore Operation not permitted for chown command</issue> <rating>important</rating> <category>security</category> <summary>Security update for mariadb</summary> <description>This update for mariadb fixes the following issues: - Updated to 10.6.9: - CVE-2022-32082: Fixed a reachable assertion that would crash the server (bsc#1201162). - CVE-2022-32089: Fixed a segmentation fault that coudl be triggered via a crafted query (bsc#1201169). - CVE-2022-32081: Fixed a buffer overflow on instant ADD/DROP of generated column (bsc#1201161). - CVE-2022-32091: Fixed a memory corruption issue that could be triggered via a crafted query (bsc#1201170). - CVE-2022-32084: Fixed a segmentation fault on INSERT SELECT queries (bsc#1201164). - Additionaly, the following issues were previously fixed: - CVE-2022-32088: Fixed a server crash when using ORDER BY with window function and UNION(bsc#1201168). - CVE-2022-32087: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201167). - CVE-2022-32086: Fixed a server crash on INSERT SELECT queries (bsc#1201166). - CVE-2022-32085: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201165). - CVE-2022-32083: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201163). Bugfixes: - Update mysql-systemd-helper to be aware of custom group (bsc#1200105). </description> </patchinfo>
