Advisories ยป MGASA-2022-0314

Updated mariadb packages fix security vulnerability

Publication date: 29 Aug 2022
Modification date: 29 Aug 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2018-25032 , CVE-2022-32081 , CVE-2022-32082 , CVE-2022-32084 , CVE-2022-32089 , CVE-2022-32091

Description

zlib before 1.2.12 allows memory corruption when deflating (i.e., when
compressing) if the input has many distant matches. (CVE-2018-25032)
A use-after-poison in prepare_inplace_add_virtual at
/storage/innobase/handler/handler0alter.cc. (CVE-2022-32081)
An assertion failure at table->get_ref_count() == 0 in dict0dict.cc.
(CVE-2022-32082)
Segmentation fault via the component sub_select. (CVE-2022-32084)
Segmentation fault via the component st_select_lex_unit::exclude_level.
(CVE-2022-32089)
                

References

SRPMS

8/core