|
|
Log in / Subscribe / Register

Mageia alert MGASA-2020-0072 (mariadb)



From:
              Mageia Updates <buildsystem-daemon@mageia.org> 


To:
              updates-announce@ml.mageia.org 


Subject:
              [updates-announce] MGASA-2020-0072: Updated mariadb packages fix security vulnerability 


Date:
              Thu, 30 Jan 2020 19:29:38 +0100


Message-ID:
              <20200130182938.363B29F641@duvel.mageia.org>


MGASA-2020-0072 - Updated mariadb packages fix security vulnerability

Publication date: 30 Jan 2020
URL: https://advisories.mageia.org/MGASA-2020-0072.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-2574

Description:
Updated MariaDB packages fix security vulnerabilities:

Difficult to exploit vulnerability allows unauthenticated attacker with
network access via multiple protocols to compromise MySQL Client.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Client (CVE-2020-2574).

In addtion a new pam subpackge is provided which adds prebuilt
pam_user_map

For other fixes in this update, see the referenced release notes.

References:
- https://bugs.mageia.org/show_bug.cgi?id=26142
- https://mariadb.com/kb/en/authentication-plugin-pam/
- https://mariadb.com/kb/en/mariadb-10322-release-notes/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2574

SRPMS:
- 7/core/mariadb-10.3.22-1.mga7
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds