[USN-5170-1] MariaDB vulnerability

Camila Camargo de Matos camila.camargodematos at canonical.com
Mon Dec 6 17:08:08 UTC 2021 

==========================================================================
Ubuntu Security Notice USN-5170-1
December 06, 2021

mariadb-10.3, mariadb-10.5 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.10
- Ubuntu 21.04
- Ubuntu 20.04 LTS

Summary:

A security issue was fixed in MariaDB

Software Description:
- mariadb-10.5: MariaDB database
- mariadb-10.3: MariaDB database

Details:

A security issue was discovered in MariaDB and this update includes
new upstream MariaDB versions to fix the issue.

MariaDB has been updated to 10.3.32 in Ubuntu 20.04 LTS and to 10.5.13 in
Ubuntu 21.04 and Ubuntu 21.10.

In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.10:
  mariadb-server                  1:10.5.13-0ubuntu0.21.10.1

Ubuntu 21.04:
  mariadb-server                  1:10.5.13-0ubuntu0.21.04.1

Ubuntu 20.04 LTS:
  mariadb-server                  1:10.3.32-0ubuntu0.20.04.1

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart MariaDB to
make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5170-1
<https://ubuntu.com/security/notices/USN-5170-1>
  CVE-2021-35604

Package Information:
 
https://launchpad.net/ubuntu/+source/mariadb-10.5/1:10.5.13-0ubuntu0.21.10.1
<https://launchpad.net/ubuntu/+source/mariadb-10.5/1:10.5.13-0ubuntu0.21.10.1>
 
https://launchpad.net/ubuntu/+source/mariadb-10.5/1:10.5.13-0ubuntu0.21.04.1
<https://launchpad.net/ubuntu/+source/mariadb-10.5/1:10.5.13-0ubuntu0.21.04.1>
 
https://launchpad.net/ubuntu/+source/mariadb-10.3/1:10.3.32-0ubuntu0.20.04.1
<https://launchpad.net/ubuntu/+source/mariadb-10.3/1:10.3.32-0ubuntu0.20.04.1>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20211206/9aec4904/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20211206/9aec4904/attachment-0001.sig>

More information about the ubuntu-security-announce mailing list