Bastien Roucariès pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
51eb42e2 by Bastien Roucariès at 2024-08-24T07:32:32+00:00
CVE-2022-27386/mariadb not affected

Test of POC does not coredump:
-- 
/builds/lts-team/packages/mariadb-10.1/debian/output/source_dir/mysql-test/r/func_default.result
     2024-08-23 22:43:13.000000000 +0000
+++ 
/builds/lts-team/packages/mariadb-10.1/debian/output/source_dir/mysql-test/r/func_default.reject
    2024-08-23 22:58:10.083269449 +0000
@@ -34,8 +34,8 @@
 NULL
 select default(a) = now() from v2;
 default(a) = now()
-1
-1
+NULL
+NULL
 select table_name,is_updatable from information_schema.views;
 table_name     is_updatable
 v1     NO
@@ -46,17 +46,19 @@
 show create table t1;
 Table  Create Table
 t1     CREATE TABLE `t1` (
-  `v1` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE 
current_timestamp(),
+  `v1` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE 
CURRENT_TIMESTAMP,
   `x` varchar(1) NOT NULL
 ) ENGINE=MyISAM DEFAULT CHARSET=latin1
 select default(v1) from (select v1 from t1) dt;
 default(v1)
-2001-01-01 10:20:30
+0000-00-00 00:00:00
 select default(v1) from (select v1 from t1 group by v1) dt;
 default(v1)
 0000-00-00 00:00:00
 drop table t1;
 create table t1 (a text default '');
+Warnings:
+Warning        1101    BLOB/TEXT column 'a' can't have a default 
value
 create algorithm=temptable view v1 as select * from t1;
 insert into t1 values ('a');
 select default(a) from v1;
mysqltest: Result length mismatch

Moreover fix is not backportable due to missing member:
/builds/lts-team/packages/mariadb-10.1/debian/output/source_dir/sql/sql_select.cc:16091:38:
 error: 'class Field' has no member named 'default_value'
     new_field->vcol_info= new_field->default_value=
                                      ^~~~~~~~~~~~~
/builds/lts-team/packages/mariadb-10.1/debian/output/source_dir/sql/sql_select.cc:16092:18:
 error: 'class Field' has no member named 'check_constraint'; 
did you mean 'Subst_constraint'?
       new_field->check_constraint= 0;
                  ^~~~~~~~~~~~~~~~

According to the changelog 
https://mariadb.com/kb/en/changes-improvements-in-mariadb-10-2/ BLOB default 
and table default are 10.2 features.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -193411,10 +193411,11 @@ CVE-2022-27386 (MariaDB Server v10.7 and below was 
discovered to contain a segme
        - mariadb-10.5 <removed>
        [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1
        - mariadb-10.3 <removed>
-       - mariadb-10.1 <removed>
+       - mariadb-10.1 <not-affected>
        NOTE: MariaDB bug: https://jira.mariadb.org/browse/MDEV-26406
        NOTE: MariaDB main bug: https://jira.mariadb.org/browse/MDEV-21028
        NOTE: MariaDB commit: 
https://github.com/MariaDB/server/commit/5ba77222e9fe7af8ff403816b5338b18b342053c
 (mariadb-10.3.35)
+       NOTE: POC does not coredump for mariadb10.1 and warn about not 
supported default column
 CVE-2022-27385 (An issue in the component 
Used_tables_and_const_cache::used_tables_and ...)
        - mariadb-10.6 1:10.6.8-1
        - mariadb-10.5 <removed>
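
Review bot: The added NOTE on the last "+" line records only the POC result, so the stronger reason for <not-affected> given in the commit message never reaches data/CVE/list: BLOB/TEXT and table defaults are a 10.2 feature, and class Field in 10.1 has no default_value or check_constraint member for the upstream fix to touch. A POC that does not coredump on one build is weaker evidence than the code being absent, and the quoted test run ended in "Result length mismatch" rather than a clean pass. Suggest extending the NOTE to state that the affected default-value handling was introduced in 10.2, with the changelog URL from the commit message, and writing the package as "mariadb-10.1" instead of "mariadb10.1" so it matches the entry line and is found by a search on the package name.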



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51eb42e26a5819ac16080ae34332d476b5883d06
