Advisories » MGASA-2022-0070

Updated mariadb packages fix security vulnerability

Publication date: 18 Feb 2022
Modification date: 17 Feb 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-46659 , CVE-2021-46661 , CVE-2021-46663 , CVE-2021-46664 , CVE-2021-46665 , CVE-2021-46668 , CVE-2022-24048 , CVE-2022-24050 , CVE-2022-24051 , CVE-2022-24052

Description

InnoDB
- --skip-symbolic-links does not disallow .isl file creation (MDEV-26870)
- Indexed CHAR columns are broken with NO_PAD collations (MDEV-25440)
- insert-intention lock conflicts with waiting ORDINARY lock (MDEV-27025)
- Crash recovery improvements (MDEV-26784, MDEV-27022, MDEV-27183,
  MDEV-27610)

Galera¶
- Galera updated to 26.4.11
- Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory
  (MDEV-27181)
- Alter Sequence do not replicate to another nodes with in Galera Cluster
  (MDEV-19353)
- Galera crash - Assertion. Possible parallel writeset problem (MDEV-26803)
- CREATE TABLE with FOREIGN KEY constraint fails to apply in parallel
  (MDEV-27276)
- Galera cluster node consider old server_id value even after modification
  of server_id [wsrep_gtid_mode=ON] (MDEV-26223)

Replication
- Seconds behind master corrected from artificial spikes at relay-log
  rotation (MDEV-16091)
- Statement rollback in binlog when transaction creates or drop temporary
  table is set right (MDEV-26833)
- CREATE-or-REPLACE SEQUENCE is made to binlog with the DDL flag to
   stabilize its parallel execution on slave (MDEV-27365)

References

SRPMS

8/core