-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3891-1 [email protected] https://www.debian.org/lts/security/ Otto Kekäläinen September 18, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : mariadb-10.5 Version : 1:10.5.26-0+deb11u2 CVE ID : CVE-2024-21096 Debian Bug : 1069189 1015293 A vulnerability was discovered in MariaDB, a SQL database server compatible with MySQL. An attacker could generate a malicious dump file which could execute shell commands from the MariaDB client. The fix may cause a compatibility issue with older MariaDB and MySQL clients, with existing workarounds, as detailed at: https://mariadb.org/mariadb-dump-file-compatibility-change/ This updates also includes bugfixes through the 10.5 maintenance branch, as detailed at: https://mariadb.com/kb/en/mariadb-10-5-24-release-notes/ https://mariadb.com/kb/en/mariadb-10-5-25-release-notes/ https://mariadb.com/kb/en/mariadb-10-5-26-release-notes/ For Debian 11 bullseye, this problem has been fixed in version 1:10.5.26-0+deb11u2. We recommend that you upgrade your mariadb-10.5 packages. For the detailed security status of mariadb-10.5 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mariadb-10.5 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmbqnTAACgkQDTl9HeUl XjB1uA//QbINMqqIPaD7wD4xTIS+rfP3D7HNoXDnxFrW/VNydAEJJw4Pg+1A8v6p 0GjsKMWp2fMmc/OuGsucHcVrVPhCEHL3+kK/v7jO4f4/JTYz0QJR0x8Cl2A4DlDu M4/uNLHOZLIgvI/HFiLNACOcDikA+/lnsff8Uxedy41KpP9VavfH/hDgLZAk4y9Q 6l+DpCNSHJJ8tWd/DFjkG/22ac6qwEcBhwCSD69WsU1UJxDal0w1IBXIme99ZcJH zAmh/XOh9Dl2jCZbfvdFFGme1+r7F3TE9Z+GJ7+Kw4NiMhf2a3kBYF+pTlvDFw2W jQrTBlJR+b6icC/EsAqkhnIr++PDK9RmPMBqeRC1eplOKZTI27lEUXpVwt/x5DgU 88251BH+vsQHTJcck4HqnnuKbGeX/pIYYJnN0MuEgqZqb7WznMre2TXtoVyfbRwf sM/ige/IQ3rPgb+zViKl4tVeH/R9qCanXwdzLh/s/uwb0A/6TeMIbtXIaxBx4imB G/g5e1p/11I5XGKJfRr7rLSlv7Lnm3AxG+FE9otPtzUTr8zHBC5xdqYWRnoarnfD zewkxWQSarX4ln3gdEjBmQpDPMrKTWgtxGG2nbyEqez2RTXOYnUPB0FizMMZrdKH tSfpast8xjFzYWlj6r5zJ+l5HTEljLyNsjSdTtOTIkKehyijnc0= =88+N -----END PGP SIGNATURE-----
