Univention Bugzilla – Full Text Bug Listing |
Summary: | mariadb-10.1: Multiple issues (4.4) | ||
---|---|---|---|
Product: | UCS | Reporter: | Quality Assurance <qa> |
Component: | Security updates | Assignee: | Quality Assurance <qa> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P3 | ||
Version: | UCS 4.4 | ||
Target Milestone: | UCS 4.4-0-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) |
Description
Quality Assurance
2019-04-29 08:32:13 CEST
--- mirror/ftp/4.3/unmaintained/4.3-3/source/mariadb-10.1_10.1.37-0+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-0/source/mariadb-10.1_10.1.38-0+deb9u1.dsc @@ -1,7 +1,26 @@ +10.1.38-0+deb9u1 [Tue, 16 Apr 2019 14:56:50 +0300] Otto Kekäläinen <otto@debian.org>: + + * SECURITY UPDATE: New upstream release 10.1.38. Includes fixes for + the following security vulnerabilities (Closes: #920933): + - CVE-2019-2537 + - CVE-2019-2529 + * Update correct branch name in gbp.conf + * Disable test unit.pcre_test on s390x that was failing in stretch-security + (Closes: #920854) + * Limit build test suite to 'main' like in mariadb-10.3 to make unnecessary + build failures less likely in lifetime of Stretch. + * Fix mips compilation failure (__bss_start symbol missing) (Closes: #920855) + * Extend the server README to clarify common misunderstandings + (Closes: #878215) + * Enable ccache in CMake path so it can be used automatically where available + * Heavily refactor and unify gitlab-ci.yml MariaDB install/upgrade steps. + This ensures uploads to Stretch are much more safer to do now than in the + past. + 10.1.37-0+deb9u1 [Wed, 08 Aug 2018 19:32:41 +0300] Otto Kekäläinen <otto@debian.org>: * SECURITY UPDATE: New upstream release 10.1.37. Includes fixes for - the following security vulnerabilities (Closes: #912848); + the following security vulnerabilities (Closes: #912848): - CVE-2018-3282 - CVE-2018-3251 - CVE-2018-3174 @@ -14,6 +33,9 @@ * Physically remove patches no longer in series and not applied anyway * Fix wrong-path-for-interpreter in innotop script to make package Lintian error free as pass CI systems fully + * Previous upstream version 10.1.36 included fixes for the following + security vulnerabilities: + - CVE-2019-2503 * Previous upstream version 10.1.35 included fixes for the following security vulnerabilities: - CVE-2018-3066 <http://10.200.17.11/4.4-0/#8276844549449548383> OK: yaml OK: announce_errata OK: patch ~OK: piuparts Plugins do not properly cleanup themselves from DB on uninstall [4.4-0] 557fc2d3e7 Bug #49373: mariadb-10.1 10.1.38-0+deb9u1 doc/errata/staging/mariadb-10.1.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) [4.4-0] c94fe28726 Bug #49373: mariadb-10.1 10.1.38-0+deb9u1 doc/errata/staging/mariadb-10.1.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) |