Package "virtuoso-opensource"
Name: |
virtuoso-opensource
|
Description: |
high-performance database
|
Latest version: |
7.2.5.1+dfsg1-0.3ubuntu1.1 |
Release: |
mantic (23.10) |
Level: |
updates |
Repository: |
universe |
Homepage: |
http://vos.openlinksw.com/owiki/wiki/VOS/ |
Links
Download "virtuoso-opensource"
Other versions of "virtuoso-opensource" in Mantic
Packages in group
Deleted packages are displayed in grey.
Changelog
virtuoso-opensource (7.2.5.1+dfsg1-0.3ubuntu1.1) mantic-security; urgency=medium
* SECURITY UPDATE: SQL Injection
- debian/patches/CVE-2023-31607.patch: Fixed missing check for max
number of key parts
- debian/patches/CVE-2023-31608.patch: Fixed 64bit arith overflow
- debian/patches/CVE-2023-31609.patch: Fixed issue if original dfe
not there; see error in optimizer
- debian/patches/CVE-2023-31610-31619-31623-31625-31628.patch: Fixed
missing arguments in table def
- debian/patches/CVE-2023-31611.patch: Fixed expand column list
during parsing
- debian/patches/CVE-2023-31612.patch: Fixed missing check for a
qexp to continue with
- debian/patches/CVE-2023-31613.patch: Added missing reuse check for
dv bin
- debian/patches/CVE-2023-31614.patch: Fixed compare only up to cha
key parts
- debian/patches/CVE-2023-31615.patch: Fixed do not change col_dtp
if already set before
- debian/patches/CVE-2023-31616.patch: Fixed 64bit arith exception
- debian/patches/CVE-2023-31617.patch: Fixed save/restore temp refs
- debian/patches/CVE-2023-31618.patch: Fixed non-terminal in union
branch is not supported
- CVE-2023-31607
- CVE-2023-31608
- CVE-2023-31609
- CVE-2023-31610
- CVE-2023-31611
- CVE-2023-31612
- CVE-2023-31613
- CVE-2023-31614
- CVE-2023-31615
- CVE-2023-31616
- CVE-2023-31617
- CVE-2023-31618
- CVE-2023-31619
- CVE-2023-31623
- CVE-2023-31625
- CVE-2023-31628
-- Allen Huang <email address hidden> Tue, 11 Jun 2024 11:11:31 +0100
|
CVE-2023-31607 |
An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL st |
CVE-2023-31608 |
An issue in the artm_div_int component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL sta |
CVE-2023-31609 |
An issue in the dfe_unit_col_loci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQ |
CVE-2023-31610 |
An issue in the _IO_default_xsputn component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted S |
CVE-2023-31611 |
An issue in the __libc_longjmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL s |
CVE-2023-31612 |
An issue in the dfe_qexp_list component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL st |
CVE-2023-31613 |
An issue in the __nss_database_lookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafte |
CVE-2023-31614 |
An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after r |
CVE-2023-31615 |
An issue in the chash_array component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL stat |
CVE-2023-31616 |
An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statemen |
CVE-2023-31617 |
An issue in the dk_set_delete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL st |
CVE-2023-31618 |
An issue in the sqlc_union_dt_wrap component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted S |
CVE-2023-31619 |
An issue in the sch_name_to_object component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted S |
CVE-2023-31623 |
An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL stat |
CVE-2023-31625 |
An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL stateme |
CVE-2023-31628 |
An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statemen |
|
About
-
Send Feedback to @ubuntu_updates