Package "mariadb-plugin-cracklib-password-check"
Name: |
mariadb-plugin-cracklib-password-check
|
Description: |
CrackLib Password Validation Plugin for MariaDB
|
Latest version: |
1:10.3.39-0ubuntu0.20.04.2 |
Release: |
focal (20.04) |
Level: |
security |
Repository: |
universe |
Head package: |
mariadb-10.3 |
Homepage: |
https://mariadb.org/ |
Links
Download "mariadb-plugin-cracklib-password-check"
Other versions of "mariadb-plugin-cracklib-password-check" in Focal
Changelog
mariadb-10.3 (1:10.3.31-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: New upstream version 10.3.31 includes fixes for the
following security vulnerabilities (LP: #1939188):
- CVE-2021-2389
- CVE-2021-2372
-- Otto Kekäläinen <email address hidden> Fri, 06 Aug 2021 22:19:19 -0700
|
Source diff to previous version |
1939188 |
CVE-2021-2389 \u0026 CVE-2021-2372 affect MariaDB in Ubuntu |
CVE-2021-2389 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 a |
CVE-2021-2372 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 a |
|
mariadb-10.3 (1:10.3.30-0ubuntu0.20.04.1) focal-security; urgency=medium
* New upstream version 10.3.30 includes fixes for a critical bug that
was compromising the results of some type of queries (subqueries with
group by): https://jira.mariadb.org/browse/MDEV-25714 (LP: #1936727)
* Fix Perl executable path in scripts (stop using 'env') (Closes: #991472)
Upstream MariaDB has broken shebangs (#!/usr/bin/env perl) in several
scripts, thus rendering them potentially loading the wrong Perl version
and rendering the scripts unusable. Fixing the shebang recovers correct
behaviour.
[ Daniel Black ]
* Add caching_sha2_password.so (Closes: #962597) (LP: #1913676)
-- Otto Kekäläinen <email address hidden> Sat, 17 Jul 2021 15:59:58 -0700
|
Source diff to previous version |
1936727 |
[SRU] MariaDB new release 10.3.30 |
1913676 |
libmariadb3 fails to include caching_sha2_password.so |
991472 |
mariadb-client-10.3: mytop has wrong shebang line |
962597 |
libmariadb3: Install caching_sha2_password.so |
|
mariadb-10.3 (1:10.3.29-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: New upstream version 10.3.29 includes fixes for the
following security vulnerabilities (LP: #1926926):
- CVE-2021-2154
- CVE-2021-2166
* Previous release 10.3.28 included fixes for:
- CVE-2021-27928
* Previous release 10.3.26 included fixes for:
- CVE-2020-14765
- CVE-2020-14776
- CVE-2020-14789
- CVE-2020-14812
- CVE-2020-28912
- CVE-2021-2194
* Previous release 10.3.24 included fixes for:
- CVE-2021-2022
* Drop patch obsoleted by test file removal in upstream (MDEV-22653)
* Drop file removed upstream (MDEV-24586)
* Update symbols to include new one from MariaDB Client 3.1.13
-- Otto Kekäläinen <email address hidden> Sun, 09 May 2021 11:20:31 -0700
|
Source diff to previous version |
1926926 |
CVE-2021-27928 et al affects MariaDB in Ubuntu |
CVE-2021-2154 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior. Easily |
CVE-2021-2166 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior and 8.0 |
CVE-2021-27928 |
A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percon |
CVE-2020-14765 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior, 5.7.31 |
CVE-2020-14776 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 a |
CVE-2020-14789 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.31 and prior and 8.0 |
CVE-2020-14812 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior, 5. |
CVE-2020-28912 |
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to |
CVE-2021-2194 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 a |
CVE-2021-2022 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and |
|
mariadb-10.3 (1:10.3.25-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: New upstream version 10.3.25 includes fixes for the
following security vulnerabilities (LP: #1899500):
- CVE-2020-15180
* Includes previous upstream version 10.3.23 which has the fixes for
the following security vulnerabilities:
- CVE-2020-13249
- CVE-2020-2814
- CVE-2020-2812
- CVE-2020-2760
- CVE-2020-2752
* Includes subquery optimizer fix done in upstream MDEV-21614 (LP: #1894855)
* Includes Galera startup fix done in upstream MDEV-21140 (LP: #1894855)
* Adapt mariadb.pc location to upstream change
* Update libmariadb symbols for upstream release 3.1.8
* Remove salsa-ci.yml, does not work for Ubuntu quality assurance
-- Otto Kekäläinen <email address hidden> Mon, 12 Oct 2020 20:14:50 +0300
|
1894855 |
MariaDB 10.3.22-MariaDB-1ubuntu1 on Focal has subquery optimizer bug |
CVE-2020-13249 |
libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: alt |
CVE-2020-2814 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and |
CVE-2020-2812 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and |
CVE-2020-2760 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 a |
CVE-2020-2752 |
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and p |
|
About
-
Send Feedback to @ubuntu_updates