diff options
| author | Yogita Urade <yogita.urade@windriver.com> | 2025-06-25 13:03:12 +0530 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2025-07-02 20:38:49 -0400 |
| commit | 5bc652be7ad4b7996eabe808fdf0a5ea0338ac9f (patch) | |
| tree | f2bba37fbd2f65bcd9450b0e8239d175fd93a382 /meta-python/recipes-devtools/python/python3-pexpect/0001-FSM.py-change-shebang-from-python-to-python3.patch | |
| parent | c2140f3f2a82a7f095762d7fe7fd1f0bfa1c8d8e (diff) | |
| download | meta-openembedded-5bc652be7ad4b7996eabe808fdf0a5ea0338ac9f.tar.gz | |
mariadb: fix CVE-2023-52969 and CVE-2023-52970
CVE-2023-52969:
MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7
through 10.11., and 11.0 through 11.0. can sometimes crash
with an empty backtrace log. This may be related to
make_aggr_tables_info and optimize_stage2.
CVE-2023-52970:
MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7
through 10.11., 11.0 through 11.0., and 11.1 through 11.4.*
crashes in Item_direct_view_ref::derived_field_transformer_for_where.
CVE-2023-52969-CVE-20230-52970-0001 and CVE-2023-52969-CVE-20230-52970-0002
are dependent commits while CVE-2023-52969-CVE-20230-52970-0003 and
CVE-2023-52969-CVE-20230-52970-0004 are actual CVE fixes.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-52969
https://nvd.nist.gov/vuln/detail/CVE-2023-52970
Upstream patches:
https://github.com/MariaDB/server/commit/e6403733897483bed249875f0f3e5e9937ca2b38
https://github.com/MariaDB/server/commit/d98ac8511e39770ef3d8b42937c84e876d1459e
https://github.com/MariaDB/server/commit/9b313d2de1df65626abb3b1d6c973f74addb12fb
https://github.com/MariaDB/server/commit/4fc9dc84b017cf9f30585bcdef0663f9425fe460
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-pexpect/0001-FSM.py-change-shebang-from-python-to-python3.patch')
0 files changed, 0 insertions, 0 deletions