[ALSA-2022:6443] Moderate: mariadb:10.3 security and bug fix update
Type: security
Severity: moderate
Release date: 2022-10-14
Description:
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

The following packages have been upgraded to a later upstream version: mariadb (10.3.35), galera (25.3.35).

Security Fix(es):

* mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used (CVE-2021-46669)
* mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) (CVE-2022-21427)
* mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer (CVE-2022-24048)
* mariadb: lack of validating the existence of an object prior to performing operations on the object (CVE-2022-24050)
* mariadb: lack of proper validation of a user-supplied string before using it as a format specifier (CVE-2022-24051)
* mariadb: CONNECT storage engine heap-based buffer overflow (CVE-2022-24052)
* mariadb: assertion failure in Item_args::walk_arg (CVE-2022-27376)
* mariadb: use-after-poison when complex conversion is involved in blob (CVE-2022-27377)
* mariadb: server crash in create_tmp_table::finalize (CVE-2022-27378)
* mariadb: server crash in component arg_comparator::compare_real_fixed (CVE-2022-27379)
* mariadb: server crash at my_decimal::operator= (CVE-2022-27380)
* mariadb: server crash at Field::set_default via specially crafted SQL statements (CVE-2022-27381)
* mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c (CVE-2022-27383)
* mariadb: crash via component Item_subselect::init_expr_cache_tracker (CVE-2022-27384)
* mariadb: server crashes in query_arena::set_query_arena upon SELECT from view (CVE-2022-27386)
* mariadb: assertion failures in decimal_bin_size (CVE-2022-27387)
* mariadb: assertion failure in compare_order_elements (CVE-2022-27445)
* mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27447)
* mariadb: crash in multi-update and implicit grouping (CVE-2022-27448)
* mariadb: assertion failure in sql/item_func.cc (CVE-2022-27449)
* mariadb: assertion failure in sql/item_cmpfunc.cc (CVE-2022-27452)
* mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc (CVE-2022-27456)
* mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27458)
* mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31622)
* mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31623)
* mariadb: server crash at Item_subselect::init_expr_cache_tracker (CVE-2022-32083)
* mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor (CVE-2022-32085)
* mariadb: server crash in Item_args::walk_args (CVE-2022-32087)
* mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort (CVE-2022-32088)
* mariadb: Crash executing query with VIEW, aggregate and subquery (CVE-2021-46659)
* mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE) (CVE-2021-46661)
* mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements (CVE-2021-46663)
* mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr (CVE-2021-46664)
* mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations (CVE-2021-46665)
* mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements (CVE-2021-46668)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* [Tracker] Rebase to Galera 25.3.35 for MariaDB-10.3 (BZ#2107075)
Updated packages listed below:
Architecture Package Checksum
aarch64 mariadb-embedded-devel-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm 022bcac4a7fae09001dbde07aa65a7c1d2def69f3ffad8e915893efb051cffa9
aarch64 mariadb-devel-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm 09681faa6d1822721a214e0ba2a1141d4792955274f855d7a725be37fa312476
aarch64 mariadb-server-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm 098421a3077b2ecb305dbaad5ed58f650d23b7379bd421bd272203685031ede6
aarch64 mariadb-backup-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm 0a384327870cc50573a9c47e7685ea2faee651e4ccc7efd48e9b8c978aded189
aarch64 mariadb-errmsg-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm 12e6dc80e35edb6e6dc676b6b26526604fb5c3f11569eed04fae7a312acf6b89
aarch64 mariadb-gssapi-server-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm 152f3d17d8bf91a7b5354619e9a83578c273a3facc4c9f7fc6f94e76f09d49f4
aarch64 mariadb-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm 2e3edd62f256e1f344b3ccaf6589e5363257dcc2eff6421874fe6722a00088f1
aarch64 mariadb-common-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm 5b5028b6e7b5ab7a35b087b31e1d75733da60e0a4009509fa68c62cf1d1bcff6
aarch64 mariadb-embedded-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm ae4593962b32d4d58c0602539f7fc866a397e196a60c150566fe465de1235370
aarch64 galera-25.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm b96d60449810fdad20d2c02b198dc3792f5ef65affa1db21528103e72b21a855
aarch64 mariadb-server-utils-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm c1f98451b235e5bc47e36cc57475b0ac1358bfd088701b75ae81cbda9110a321
aarch64 mariadb-test-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm cd2816c2d23fbe916717e3724489c55ed1c69246e4eb83d737080088341f08ad
aarch64 Judy-1.0.5-18.module_el8.6.0+3072+3c630e87.aarch64.rpm e0c89719ccfe15cb70854634b958d288e851351ea5bba7fb9f7fdd50989c8e8d
aarch64 mariadb-server-galera-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm f3afa979711a9d349cafabe10579d9eb0d4c392687ffd4b4cab204612ebfed3e
aarch64 mariadb-oqgraph-engine-10.3.35-1.module_el8.6.0+3265+230ed96b.aarch64.rpm f6917f52b78766a1cdf86ab3cc33f3aac9479bc19137b69f69136f7294eb865b
ppc64le mariadb-devel-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm 01150e6e47fb1dce61688d323b11adaddebc835b6bc94e165da33bf228fbc8bc
ppc64le mariadb-backup-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm 037c0dc25dc368e0035fbaaa66f359645e2755c04000f9f736fe97c89333b34d
ppc64le mariadb-server-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm 059392ecd2e3247c2b08073e334ab1dc497f9ff0f14ceb88c99986053a5b5163
ppc64le mariadb-gssapi-server-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm 1a92ea5f7e633204bde3410368998d2856c15d61eb3797dfed4a558f858f60b3
ppc64le mariadb-server-galera-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm 20ad7d24ad064ef57a3f1a2584026f8325660281186d3758270febe34cf88487
ppc64le mariadb-embedded-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm 3fcb2da7919a9227bd1be8e83581b4680bf4cb2b452233ba35b79b510a11d6e3
ppc64le mariadb-test-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm 488836539e0c66c114a4fecffec3ad26b3186bc7409e20312c40d35ba2396f74
ppc64le mariadb-errmsg-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm 59a2f032fe60a15179b32f98a03aba24cb47d7c53df0c4da78dfa146de09f704
ppc64le Judy-1.0.5-18.module_el8.6.0+3072+3c630e87.ppc64le.rpm 61e33a89b0b98fba1a137266b47690afb7d6d11b650734648c0855994c5ea423
ppc64le mariadb-common-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm 87b532980ac273aec2f5f1d7ec18fdcd9f2b7a80b2294f794ccfe3a48671bf27
ppc64le mariadb-server-utils-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm ade61a8569da392f370c131b376ab2e8406a0192c12740a1b0fcab3f7afd0de0
ppc64le mariadb-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm cafa301a08c11f067ca31937e148e2a84cd0a3d28cb5e789529eba9ab33bb1c9
ppc64le galera-25.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm d5db15b090ca9865df00f736a455f470cf8babe163c8e8162926aa14f9295674
ppc64le mariadb-oqgraph-engine-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm dec3a68aada4a310236b2e00229a7d147b574311b89144a0e02c4adf7045c61c
ppc64le mariadb-embedded-devel-10.3.35-1.module_el8.6.0+3265+230ed96b.ppc64le.rpm fb9502c3d2961fca2fee8e35981aac48e1996a8e6216ef29e70c75cbd0192a1e
s390x mariadb-embedded-devel-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm 3c3b0c00d80a3f586e34bffb735ff7f2038dc06ff2bcf2c2a95403aee82f16cf
s390x mariadb-test-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm 4b79ed164106e29e052adb237ed499b2ff517c01253219e37b90bcc8c28060c9
s390x mariadb-backup-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm 500da89d41fe4826851f7632cdea3a9ad117fcea12f2c656545624557c6c1309
s390x mariadb-devel-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm 5511158b35b9f6ca054323a1e20cd3dda643e4b150e88cd3d871b0aec5347576
s390x Judy-1.0.5-18.module_el8.6.0+3139+3c630e87.s390x.rpm 59dbe47a24dd747f379e9f6d5ffd2bc78e4a00761f786bda069dc504479a570e
s390x galera-25.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm 5c0f59872a828a13537e65eb3aed0e3e8f7b6ef50f9136210851f381c5cac309
s390x mariadb-server-utils-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm 5c962b1ca4424ccf2134007135712963ef9160b11d112ddf01eac1e14aad5f71
s390x mariadb-gssapi-server-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm 5ca9f0f4066e62411259eb4a07698fc86152d778f8799469f27a1c169f0197fb
s390x mariadb-common-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm 6897c0d746241182af282ccfba93b0aae02d49bbca9387ce7824fb2dacd26706
s390x mariadb-embedded-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm 7c0d336fcd1ca8dd80596ce3a55953a7f5263c71681f6978d778fff42d7d93ef
s390x mariadb-server-galera-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm c80868c95223581ad9a2f8affd084200356bdbec35a98d049598de2db17d4b1e
s390x mariadb-errmsg-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm d1a5b07ea33afd0bccfac8d6e9544879614473032d0949d0533367f503b6e242
s390x mariadb-server-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm d7e9fcd6df8be218369d31d363eb611f1ee9eb39db04342f254e22b9e50c95d9
s390x mariadb-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm e791819b231144f10735a5d0fa109ff07d47e47994e5f40ad2284e1fd015f96a
s390x mariadb-oqgraph-engine-10.3.35-1.module_el8.6.0+3265+230ed96b.s390x.rpm f6ffbf8b43ba2028d975edc908e8c24da9085d242948357c285abd6d3564cb44
x86_64 mariadb-server-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm 12cc03a798a454e106497feeb931a11c02960eea2033a5b8296da5a801515ed4
x86_64 mariadb-oqgraph-engine-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm 28c63d203b4d7168431500687c3593c0e7c936f1ed5ff564fb38b678387ecd7a
x86_64 mariadb-embedded-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm 611cd20b98cbc7c98fc49497a57d8e4fcb7fd0a9760b323d547dac93a4cfcbbf
x86_64 galera-25.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm 74af14f0495b7ed2b8182c278337603fe3bbfcd8f03eb5ca84da30fe71db4fb5
x86_64 mariadb-test-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm 77f4b034d1475edb63fbc0f555dfdde4084c6b5975b4db9e13cbdb2bea46b5c5
x86_64 mariadb-common-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm 952b9b07ca564e52e822fec182e3b1e742fb66e9699424d001d2e800c7f7055e
x86_64 mariadb-errmsg-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm 9d83e4b45b2466d95ed89e48b5a425d9e9da94d48085012920c101286c4dea40
x86_64 Judy-1.0.5-18.module_el8.6.0+3072+3c630e87.x86_64.rpm ad0644e015a6d87a82c891ce0a1bb5ac32419e5f3ef2abbd72fc2b2d1e7a90f7
x86_64 mariadb-gssapi-server-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm b82220e360584d919f26d81218f27f9b7961a52d9329529c2a52189afe12d4e9
x86_64 mariadb-server-utils-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm c955e34d2949e8ed7fe5ba927820ab592604f9e1a8b139e462ac5f3c2636f61d
x86_64 mariadb-backup-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm e4fed67b2b9d21da1e3a1adac9317780de316b6c941a0fe3035a2ae3fb77b3cd
x86_64 mariadb-devel-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm e52645658ab1d310b83edc4a05092e8e9a45f1e8ef9b7ff0d97416c9db014bea
x86_64 mariadb-server-galera-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm f48dbf7c99a55362d2a90a7d6ce0ba5ca46d6666c6d9cfc796b0e4164b329ccf
x86_64 mariadb-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm fb564e882878bdc080b1d9a7a3404ffe87e0f1251735a4da9579bbabdba6f5b0
x86_64 mariadb-embedded-devel-10.3.35-1.module_el8.6.0+3265+230ed96b.x86_64.rpm fd9c28ddbed33a4390087165826be6503e71675dc89ba0dfc5883bb99ca0102f
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.