galera-26.4.20-1.el9_5, mariadb-10.5.27-1.el9_5

エラータID: AXSA:2025-9651:01

Release date: 
Thursday, February 13, 2025 - 15:30
Subject: 
galera-26.4.20-1.el9_5, mariadb-10.5.27-1.el9_5
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mariadbd) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and utilities.

Security Fix(es):

* mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (CVE-2023-22084)
* mysql: Client: mysqldump unspecified vulnerability (CPU Apr 2024) (CVE-2024-21096)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-22084
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21096
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).

Solution: 

Update packages.

CVEs: 
CVE-2023-22084
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21096
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
Additional Info: 

N/A

Download: 

SRPMS
  1. galera-26.4.20-1.el9_5.src.rpm
    MD5: eeb69eec34ecdc3ce8085a174b0bac95
    SHA-256: 2f303e4d13111fce14a70cb3d264722d5fb1fe35ff9c0fbc7ba122b7c73aceac
    Size: 3.57 MB
  2. mariadb-10.5.27-1.el9_5.src.rpm
    MD5: 99a20cdd6d1c5aa593e45d7f21f55eca
    SHA-256: e6c9a16b76bd2482698d4436bf0c72cd5b1df3d6d1b0bb71c9ae30c1899a4d0f
    Size: 93.28 MB

Asianux Server 9 for x86_64
  1. galera-26.4.20-1.el9_5.x86_64.rpm
    MD5: 3cb01afa826dc5d459c97662bfd841c4
    SHA-256: 569370e90e29387fed88cd57c800d052b25ce14fc4684c15ec8530204446a30d
    Size: 1.18 MB
  2. mariadb-10.5.27-1.el9_5.x86_64.rpm
    MD5: cc50051f185232d9b4c8a4f33bf79a02
    SHA-256: c95370d354098298813fc27303b8347e979be59b9ca9f221d043e9e1e00b0de7
    Size: 1.62 MB
  3. mariadb-backup-10.5.27-1.el9_5.x86_64.rpm
    MD5: f0f5d38bc772b89f1634e2dbf42a60f6
    SHA-256: ac5669834935328cddc5edc27a3a75d10ad67c9f20b40b0c381636fdcaf52ddf
    Size: 6.49 MB
  4. mariadb-common-10.5.27-1.el9_5.x86_64.rpm
    MD5: c5cc6114903d3d026357a807ec6c2340
    SHA-256: b1837464363ce1dc5b4fbcdc244434743482f550a47efe94fbca686dcdef1874
    Size: 33.68 kB
  5. mariadb-devel-10.5.27-1.el9_5.x86_64.rpm
    MD5: 2630ac100203beebe74316a3174ea214
    SHA-256: b389f2798bf679d92d4bd5638f93c11ede68259c235975c914f630f9e095bae3
    Size: 1.11 MB
  6. mariadb-embedded-10.5.27-1.el9_5.x86_64.rpm
    MD5: 2857f518c41e98acb7a10a7329bf9959
    SHA-256: 920c633e8bfaf415bfaa5a768cff0d4632793a839ddc6fc777a2ed944a445498
    Size: 5.40 MB
  7. mariadb-embedded-devel-10.5.27-1.el9_5.x86_64.rpm
    MD5: 75a486fcc1637df5c7a819b4c8cb5fa6
    SHA-256: 61521c546d55adb1788c1648a543dcf27b734cef4d89a555a3635e96f73cf5e9
    Size: 7.78 kB
  8. mariadb-errmsg-10.5.27-1.el9_5.x86_64.rpm
    MD5: 916f3b998701f1a02f3ef90dc1f628b3
    SHA-256: 809cc9cec0da0aea08b10c98f62998d8f8ba22216c8cb6c09eded18e73f27677
    Size: 217.87 kB
  9. mariadb-gssapi-server-10.5.27-1.el9_5.x86_64.rpm
    MD5: e1b9cf89eabb00e62e51a9c66f95f29b
    SHA-256: 5fe91c5a7e7358bdd364ecea3e715cf501ce33fc8fe9de6c872bba161df9b72a
    Size: 14.38 kB
  10. mariadb-oqgraph-engine-10.5.27-1.el9_5.x86_64.rpm
    MD5: 1291d9c91dde6d2126cfe113a9e7c73c
    SHA-256: 53ce4d37b56d14a84a901fe59ac1334684fcb6cd4380605f3cfc7e9e15957d1c
    Size: 80.44 kB
  11. mariadb-pam-10.5.27-1.el9_5.x86_64.rpm
    MD5: 19498302b48aa5f4a0e4fb859a868e3a
    SHA-256: df0ea598d39fab610510a192bb84ba86f1d17583182d33edbf2a362799802e98
    Size: 23.33 kB
  12. mariadb-server-10.5.27-1.el9_5.x86_64.rpm
    MD5: ecbd714b13399d5d7580da4ce94e5e43
    SHA-256: ca383e3985023dac5e8788de2a31b5fe1891455a3f85e4f1a41e6ac184716f12
    Size: 9.73 MB
  13. mariadb-server-galera-10.5.27-1.el9_5.x86_64.rpm
    MD5: 548672d155092fc51ac3e53f7acd0729
    SHA-256: ece6584a93227716abd62851c7a06b11731dfcbdca16728d957b632787bd8caa
    Size: 23.70 kB
  14. mariadb-server-utils-10.5.27-1.el9_5.x86_64.rpm
    MD5: cc99f99e6c16c1b873821ac9ffdaa9d7
    SHA-256: feca727b5464ee2e13d583fd2c2ae2d793e4693ef4281a6cf838f400f902a20a
    Size: 216.78 kB
  15. mariadb-test-10.5.27-1.el9_5.x86_64.rpm
    MD5: 5137abf36799efa140231867abe616fd
    SHA-256: 07dbff00bf587a081efe98c299780c3d1de61deb1dfb9f3b651dd19f4506aa20
    Size: 33.05 MB