Univention Bugzilla – Bug 49373
mariadb-10.1: Multiple issues (4.4)
Last modified: 2019-05-02 13:22:30 CEST
New Debian mariadb-10.1 10.1.38-0+deb9u1 fixes: This update addresses the following issues: * Server: Optimizer unspecified vulnerability (CPU Jan 2019) (CVE-2019-2529) * Server: DDL unspecified vulnerability (CPU Jan 2019) (CVE-2019-2537)
--- mirror/ftp/4.3/unmaintained/4.3-3/source/mariadb-10.1_10.1.37-0+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-0/source/mariadb-10.1_10.1.38-0+deb9u1.dsc @@ -1,7 +1,26 @@ +10.1.38-0+deb9u1 [Tue, 16 Apr 2019 14:56:50 +0300] Otto Kekäläinen <otto@debian.org>: + + * SECURITY UPDATE: New upstream release 10.1.38. Includes fixes for + the following security vulnerabilities (Closes: #920933): + - CVE-2019-2537 + - CVE-2019-2529 + * Update correct branch name in gbp.conf + * Disable test unit.pcre_test on s390x that was failing in stretch-security + (Closes: #920854) + * Limit build test suite to 'main' like in mariadb-10.3 to make unnecessary + build failures less likely in lifetime of Stretch. + * Fix mips compilation failure (__bss_start symbol missing) (Closes: #920855) + * Extend the server README to clarify common misunderstandings + (Closes: #878215) + * Enable ccache in CMake path so it can be used automatically where available + * Heavily refactor and unify gitlab-ci.yml MariaDB install/upgrade steps. + This ensures uploads to Stretch are much more safer to do now than in the + past. + 10.1.37-0+deb9u1 [Wed, 08 Aug 2018 19:32:41 +0300] Otto Kekäläinen <otto@debian.org>: * SECURITY UPDATE: New upstream release 10.1.37. Includes fixes for - the following security vulnerabilities (Closes: #912848); + the following security vulnerabilities (Closes: #912848): - CVE-2018-3282 - CVE-2018-3251 - CVE-2018-3174 @@ -14,6 +33,9 @@ * Physically remove patches no longer in series and not applied anyway * Fix wrong-path-for-interpreter in innotop script to make package Lintian error free as pass CI systems fully + * Previous upstream version 10.1.36 included fixes for the following + security vulnerabilities: + - CVE-2019-2503 * Previous upstream version 10.1.35 included fixes for the following security vulnerabilities: - CVE-2018-3066 <http://10.200.17.11/4.4-0/#8276844549449548383>
OK: yaml OK: announce_errata OK: patch ~OK: piuparts Plugins do not properly cleanup themselves from DB on uninstall [4.4-0] 557fc2d3e7 Bug #49373: mariadb-10.1 10.1.38-0+deb9u1 doc/errata/staging/mariadb-10.1.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) [4.4-0] c94fe28726 Bug #49373: mariadb-10.1 10.1.38-0+deb9u1 doc/errata/staging/mariadb-10.1.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<http://errata.software-univention.de/ucs/4.4/66.html>