Bugs fixes in "mariadb-10.3"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2018-25032 | zlib 1.2.11 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | 2022-11-23 |
| Launchpad | 1996452 | CVE-2022-32091 et al affect MariaDB in Ubuntu | 2022-11-23 |
| CVE | CVE-2021-46667 | MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash. | 2022-02-28 |
| CVE | CVE-2021-46662 | MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. | 2022-02-28 |
| CVE | CVE-2022-24052 | MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate p | 2022-02-28 |
| CVE | CVE-2022-24051 | MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on | 2022-02-28 |
| CVE | CVE-2022-24050 | MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on | 2022-02-28 |
| CVE | CVE-2022-24048 | MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate | 2022-02-28 |
| CVE | CVE-2021-46659 | MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. | 2022-02-28 |
| CVE | CVE-2021-46668 | MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource | 2022-02-28 |
| CVE | CVE-2021-46665 | MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations. | 2022-02-28 |
| CVE | CVE-2021-46664 | MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr. | 2022-02-28 |
| CVE | CVE-2021-46663 | MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements. | 2022-02-28 |
| CVE | CVE-2021-46661 | MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE). | 2022-02-28 |
| Launchpad | 1961350 | CVE-2022-24048 et al affect MariaDB in Ubuntu | 2022-02-28 |
| CVE | CVE-2021-46667 | MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash. | 2022-02-28 |
| CVE | CVE-2021-46662 | MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. | 2022-02-28 |
| CVE | CVE-2022-24052 | MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate p | 2022-02-28 |
| CVE | CVE-2022-24051 | MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on | 2022-02-28 |
| CVE | CVE-2022-24050 | MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on | 2022-02-28 |
About
-
Send Feedback to @ubuntu_updates
