*** This bug is a security vulnerability *** Public security bug reported:
According to https://mariadb.com/kb/en/security/ the issue CVE-2021-27928 applies for MariaDB 10.5.9 and MariaDB 10.3.28 in Ubuntu. According to Debian LTS team it also applies to MariaDB 10.1 and there is a version specific patch available. I am working on updates for all maintained Ubuntu versions for MariaDB: - mariadb-10.1 in Bionic - mariadb-10.3 in Focal - mariadb-10.3 in Groovy - mariadb-10.5 in Hirsute MariaDB 10.5 in Impish will automatically import the new version from Debian Sid once available. Security sponsor note this: https://wiki.ubuntu.com/SecurityTeam/PublicationNotes#Sponsoring_MariaDB_Security_Updates ** Affects: mariadb-10.1 (Ubuntu) Importance: Undecided Assignee: Otto Kekäläinen (otto) Status: New ** Affects: mariadb-10.3 (Ubuntu) Importance: Undecided Assignee: Otto Kekäläinen (otto) Status: New ** Affects: mariadb-10.5 (Ubuntu) Importance: Undecided Assignee: Otto Kekäläinen (otto) Status: New ** Affects: mariadb-10.1 (Ubuntu Bionic) Importance: Undecided Status: New ** Affects: mariadb-10.3 (Ubuntu Focal) Importance: Undecided Status: New ** Affects: mariadb-10.3 (Ubuntu Groovy) Importance: Undecided Status: New ** Affects: mariadb-10.5 (Ubuntu Hirsute) Importance: Undecided Status: New ** Affects: mariadb-10.5 (Ubuntu Impish) Importance: Undecided Assignee: Otto Kekäläinen (otto) Status: New ** Also affects: mariadb-10.1 (Ubuntu) Importance: Undecided Status: New ** Also affects: mariadb-10.5 (Ubuntu) Importance: Undecided Status: New ** Changed in: mariadb-10.1 (Ubuntu) Assignee: (unassigned) => Otto Kekäläinen (otto) ** Changed in: mariadb-10.5 (Ubuntu) Assignee: (unassigned) => Otto Kekäläinen (otto) ** Also affects: mariadb-10.1 (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: mariadb-10.3 (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: mariadb-10.5 (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: mariadb-10.1 (Ubuntu Impish) Importance: Undecided Assignee: Otto Kekäläinen (otto) Status: New ** Also affects: mariadb-10.3 (Ubuntu Impish) Importance: Undecided Assignee: Otto Kekäläinen (otto) Status: New ** Also affects: mariadb-10.5 (Ubuntu Impish) Importance: Undecided Assignee: Otto Kekäläinen (otto) Status: New ** Also affects: mariadb-10.1 (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: mariadb-10.3 (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: mariadb-10.5 (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: mariadb-10.1 (Ubuntu Hirsute) Importance: Undecided Status: New ** Also affects: mariadb-10.3 (Ubuntu Hirsute) Importance: Undecided Status: New ** Also affects: mariadb-10.5 (Ubuntu Hirsute) Importance: Undecided Status: New ** Also affects: mariadb-10.1 (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: mariadb-10.3 (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: mariadb-10.5 (Ubuntu Groovy) Importance: Undecided Status: New ** No longer affects: mariadb-10.1 (Ubuntu Focal) ** No longer affects: mariadb-10.1 (Ubuntu Groovy) ** No longer affects: mariadb-10.1 (Ubuntu Hirsute) ** No longer affects: mariadb-10.1 (Ubuntu Impish) ** No longer affects: mariadb-10.3 (Ubuntu Bionic) ** No longer affects: mariadb-10.3 (Ubuntu Hirsute) ** No longer affects: mariadb-10.3 (Ubuntu Impish) ** No longer affects: mariadb-10.5 (Ubuntu Bionic) ** No longer affects: mariadb-10.5 (Ubuntu Focal) ** No longer affects: mariadb-10.5 (Ubuntu Groovy) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1926926 Title: CVE-2021-27928 et al affects MariaDB in Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mariadb-10.1/+bug/1926926/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
