deepcrayon
/
buildroot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
buildroot/package/mariadb
History
Ryan Coe 4071a7d743 package/mariadb: security bump to 10.3.22 
Release notes:
https://mariadb.com/kb/en/library/mariadb-10322-release-notes/

Changelog:
https://mariadb.com/kb/en/library/mariadb-10322-changelog/

Fixes the following security vulnerability (10.3.22):
CVE-2020-2574 - Vulnerability in the MySQL Client product of Oracle MySQL
(component: C API). Supported versions that are affected are 5.6.46 and
prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit
vulnerability allows unauthenticated attacker with network access via
multiple protocols to compromise MySQL Client. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Client.

Fixes the following security vulnerabilities (10.3.19):
CVE-2019-2974 - Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are affected are
5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.

CVE-2019-2938 - Vulnerability in the MySQL Server product of Oracle MySQL
(component: InnoDB). Supported versions that are affected are 5.7.27 and
prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.

Patch 0002-fix-build-error-with-newer-cmake.patch has been removed as it
has been applied upstream.

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 		2020-02-04 22:31:15 +01:00
..
0001-add-extra-check-for-librt.patch package/mariadb: add bug tracker link to existing patch 2019-09-21 14:40:07 +02:00
S97mysqld package/mariadb: do not pass --user=mysql to mysql_install_db 2020-02-04 14:57:20 +01:00
mariadb.hash package/mariadb: security bump to 10.3.22 2020-02-04 22:31:15 +01:00
mariadb.mk package/mariadb: security bump to 10.3.22 2020-02-04 22:31:15 +01:00
mysqld.service package/mariadb: explicitly define logging directory to mysqld 2020-02-04 14:57:20 +01:00