Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8ccc01a3 by Moritz Mühlenhoff at 2022-12-02T09:56:15+01:00 mariadb spu - - - - - 2 changed files: - data/CVE/list - data/next-point-update.txt Changes: ===================================== data/CVE/list ===================================== @@ -41311,6 +41311,7 @@ CVE-2022-32091 (MariaDB v10.7 was discovered to contain an use-after-poison in i {DLA-3114-1} - mariadb-10.6 1:10.6.9-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26431 CVE-2022-32090 @@ -41318,12 +41319,14 @@ CVE-2022-32090 CVE-2022-32089 (MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault ...) - mariadb-10.6 1:10.6.9-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.4 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-26410 CVE-2022-32088 (MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault ...) {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26419 NOTE: Fixed in: 10.2.44, 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4 @@ -41331,12 +41334,14 @@ CVE-2022-32087 (MariaDB v10.2 to v10.7 was discovered to contain a segmentation {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26437 NOTE: Fixed in: 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4 CVE-2022-32086 (MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault ...) - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.4 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-26412 NOTE: Fixed in: 10.4.25, 10.5.16, 10.6.8, 10.7.4, 10.8.3 @@ -41344,6 +41349,7 @@ CVE-2022-32085 (MariaDB v10.2 to v10.7 was discovered to contain a segmentation {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26407 NOTE: Fixed in: 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4 @@ -41351,23 +41357,27 @@ CVE-2022-32084 (MariaDB v10.2 to v10.7 was discovered to contain a segmentation {DLA-3114-1} - mariadb-10.6 1:10.6.9-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26427 CVE-2022-32083 (MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation faul ...) {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26047 NOTE: Fixed in: 10.2.44, 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4, 10.8.3 CVE-2022-32082 (MariaDB v10.5 to v10.7 was discovered to contain an assertion failure ...) - mariadb-10.6 1:10.6.9-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.5 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-26433 CVE-2022-32081 (MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison i ...) - mariadb-10.6 1:10.6.9-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.4 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-26420 CVE-2022-32080 @@ -55037,6 +55047,7 @@ CVE-2022-27458 (MariaDB Server v10.6.3 and below was discovered to contain an us {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-28099 @@ -55050,12 +55061,14 @@ CVE-2022-27456 (MariaDB Server v10.6.3 and below was discovered to contain an us {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-28093 CVE-2022-27455 (MariaDB Server v10.6.3 and below was discovered to contain an use-afte ...) - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.4 onwards) - mariadb-10.1 <not-affected> (Only affects MariaDB 10.4 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-28097 @@ -55067,12 +55080,14 @@ CVE-2022-27452 (MariaDB Server v10.9 and below was discovered to contain a segme {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-28090 CVE-2022-27451 (MariaDB Server v10.9 and below was discovered to contain a segmentatio ...) - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.4 onwards) - mariadb-10.1 <not-affected> (Only affects MariaDB 10.4 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-28094 @@ -55082,6 +55097,7 @@ CVE-2022-27449 (MariaDB Server v10.9 and below was discovered to contain a segme {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-28089 @@ -55089,6 +55105,7 @@ CVE-2022-27448 (There is an Assertion failure in MariaDB Server v10.9 and below {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-28095 @@ -55096,12 +55113,14 @@ CVE-2022-27447 (MariaDB Server v10.9 and below was discovered to contain a use-a {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-28099 CVE-2022-27446 (MariaDB Server v10.9 and below was discovered to contain a segmentatio ...) - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.4 onwards) - mariadb-10.1 <not-affected> (Only affects MariaDB 10.4 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-28082 @@ -55109,6 +55128,7 @@ CVE-2022-27445 (MariaDB Server v10.9 and below was discovered to contain a segme {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-28081 @@ -55116,6 +55136,7 @@ CVE-2022-27445 (MariaDB Server v10.9 and below was discovered to contain a segme CVE-2022-27444 (MariaDB Server v10.9 and below was discovered to contain a segmentatio ...) - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.4 onwards) - mariadb-10.1 <not-affected> (Only affects MariaDB 10.4 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-28080 @@ -55266,6 +55287,7 @@ CVE-2022-27387 (MariaDB Server v10.7 and below was discovered to contain a globa {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26422 @@ -55273,12 +55295,14 @@ CVE-2022-27386 (MariaDB Server v10.7 and below was discovered to contain a segme {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26406 CVE-2022-27385 (An issue in the component Used_tables_and_const_cache::used_tables_and ...) - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.5 onwards) - mariadb-10.1 <not-affected> (Only affects MariaDB 10.5 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-26415 @@ -55286,6 +55310,7 @@ CVE-2022-27384 (An issue in the component Item_subselect::init_expr_cache_tracke {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26047 @@ -55299,6 +55324,7 @@ CVE-2022-27383 (MariaDB Server v10.6 and below was discovered to contain an use- CVE-2022-27382 (MariaDB Server v10.7 and below was discovered to contain a segmentatio ...) - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <not-affected> (Only affects MariaDB 10.4 onwards) - mariadb-10.1 <not-affected> (Only affects MariaDB 10.4 onwards) NOTE: https://jira.mariadb.org/browse/MDEV-26402 @@ -55306,6 +55332,7 @@ CVE-2022-27381 (An issue in the component Field::set_default of MariaDB Server v {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26061 @@ -55313,6 +55340,7 @@ CVE-2022-27380 (An issue in the component my_decimal::operator= of MariaDB Serve {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26280 @@ -55320,6 +55348,7 @@ CVE-2022-27379 (An issue in the component Arg_comparator::compare_real_fixed of {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26353 @@ -55327,6 +55356,7 @@ CVE-2022-27378 (An issue in the component Create_tmp_table::finalize of MariaDB {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26423 @@ -55334,6 +55364,7 @@ CVE-2022-27377 (MariaDB Server v10.6.3 and below was discovered to contain an us {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26281 @@ -55341,6 +55372,7 @@ CVE-2022-27376 (MariaDB Server v10.6.5 and below was discovered to contain an us {DLA-3114-1} - mariadb-10.6 1:10.6.8-1 - mariadb-10.5 <removed> + [bullseye] - mariadb-10.5 <no-dsa> (Will be fixed via spu) - mariadb-10.3 <removed> - mariadb-10.1 <removed> NOTE: https://jira.mariadb.org/browse/MDEV-26354 ===================================== data/next-point-update.txt ===================================== @@ -90,3 +90,71 @@ CVE-2022-38850 [bullseye] - mplayer 2:1.4+ds1-1+deb11u1 CVE-2022-46338 [bullseye] - g810-led 0.4.2-1+deb11u1 +CVE-2022-32081 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-32082 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-32084 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-32089 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-32091 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2021-46669 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27376 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27377 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27378 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27379 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27380 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27381 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27382 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27383 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27384 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27386 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27387 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27444 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27445 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27446 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27447 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27448 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27449 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27451 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27452 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27455 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27456 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27457 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-27458 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-32083 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-32085 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-32086 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-32087 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-32088 + [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ccc01a3cc6be7537d3aa9b30ed84953ced70fd6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ccc01a3cc6be7537d3aa9b30ed84953ced70fd6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits