mariadb:10.5 security update
エラータID: AXSA:2026-037:01
Release date:
Wednesday, January 14, 2026 - 19:02
Subject:
mariadb:10.5 security update
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
Security Fix(es):
* mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation (CVE-2025-13699)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-13699
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of view names. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27000.
Modularity name: "mariadb"
Stream name: "10.5"
Solution:
Update packages.
CVEs:
CVE-2025-13699
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of view names. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27000.
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of view names. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27000.
Additional Info:
N/A
Download:
SRPMS
- asio-1.10.8-7.module+el8+1939+36065dc6.src.rpm
MD5: ff10146106d5c71cf57cd326afe3a811
SHA-256: b7d8b11e245762a245ea9f8bef26f61865d60ef2a6298e1a27b31473eaeebc34
Size: 0.99 MB - galera-26.4.22-1.module+el8+1939+36065dc6.src.rpm
MD5: 77792a9b75897c64b7713ae137ca27a9
SHA-256: c464243fcf58c47a56ddf12a6eb7f8bde5ba711b91dc05d9240947bec0c7d682
Size: 3.58 MB - Judy-1.0.5-18.module+el8+1939+36065dc6.src.rpm
MD5: e2c26a1a459b6a1231871b22fa706b0c
SHA-256: af1e6ce56fdb68ef2cb80e0f58c41ad9d931384bae9d4e277e5996e4ba69133d
Size: 1.10 MB - mariadb-10.5.29-3.module+el8+1939+36065dc6.src.rpm
MD5: 05ff9313d1b02bca8a180bb080d3746c
SHA-256: 1270a911337876a22f88142c344107cbedbb792fc928aada00039bf789a6ae52
Size: 94.54 MB
Asianux Server 8 for x86_64
- galera-26.4.22-1.module+el8+1939+36065dc6.x86_64.rpm
MD5: 74e5172a654e2265dd77167eb2598eec
SHA-256: 74d326a28294992f46338ec2afeab83363094babfd4e3792bdb16c790c074c72
Size: 1.65 MB - galera-debugsource-26.4.22-1.module+el8+1939+36065dc6.x86_64.rpm
MD5: 2ff56db87ecda2dd9808093ed57ed15f
SHA-256: 411eec87a95354900f9cae8bc1cc3e506c572467710e175645603ec3f18b7f50
Size: 705.42 kB - Judy-1.0.5-18.module+el8+1939+36065dc6.x86_64.rpm
MD5: 73909ed04d20e2f24caa6fbfe04a4098
SHA-256: 19137decb00de50d8946d6f80868a972411e4a6dc8f2ca3a1e9300fb35e179d4
Size: 129.13 kB - Judy-debugsource-1.0.5-18.module+el8+1939+36065dc6.x86_64.rpm
MD5: 7c19fcbb97c46aafe1375da72fa58a2f
SHA-256: 58ce0780ef827a9c59cfadacabb474796ff420606ad1352e39743af9de7c2c0a
Size: 157.62 kB - mariadb-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: 8ee40f1bffa5945db487015d0890e1a1
SHA-256: d68e1375ba9450c375a880f999d0fa4fe457af913edb14b5f923e1fe5da7ceea
Size: 6.35 MB - mariadb-backup-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: a44c0db4c6ba1a52d3f5fce85dc792b8
SHA-256: f2a75f22e2a8c5ca93aaad0afa4a712ad2710b3558c80e54438b2ab29a90a52a
Size: 7.10 MB - mariadb-common-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: ae98782e850294ded8684861d4ee5f5b
SHA-256: bf773eb102764eb3a9d8063c0f19f8e9abb6d56c81340c42152034c39c684ecb
Size: 68.10 kB - mariadb-debugsource-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: 7ac7b4fe3d018086807648770622d437
SHA-256: 745eaf85e40bc7a223ebae1d619d03eed59ee9730c33762f856d9c56c29f043e
Size: 10.30 MB - mariadb-devel-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: 5079b5c6e739b8b63debd5a196870173
SHA-256: dac3f1eb0e2a82fdf0d64cf717501ba2c1b5b83c827eb70a7741f2705c826d22
Size: 1.19 MB - mariadb-embedded-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: 6db207f3b7a49968eb936437dfb98976
SHA-256: e8d1dc4f7b75975282b16ea7a4494c2708f3ee48e896b50ebaeb0b65cd265cec
Size: 5.63 MB - mariadb-embedded-devel-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: 577c4bec98850caa70c12651edfb945d
SHA-256: 64c7cec8e14c2b1a049ed1519d80ed2c7f97f24265aa396f85ca2072ba49a318
Size: 48.71 kB - mariadb-errmsg-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: ec9ee78425aaaef17467bf9bd673c220
SHA-256: 39aa57dfa75282af7ea4577e461719ceab94c56729fbd500fc4694b28b680e0b
Size: 271.95 kB - mariadb-gssapi-server-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: 9bb1b6cba7b5d612bc1d968613155442
SHA-256: 489d2bd51e91f6b7119ed92f8b9d6b9c02047ad7840f5f593f36c6e48a944776
Size: 55.58 kB - mariadb-oqgraph-engine-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: b977b6e29c681a7c9b9cb8777b9e8f60
SHA-256: f110a70137928fd9111a67fa10134f2c31eda8a043dd2b3cda45e8b1c334aff7
Size: 118.52 kB - mariadb-pam-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: f1b474a37f42dbd029a30298c4caa4f4
SHA-256: 69ed160bb8dcd4f2e8c4454afe5284138c08c97e7220178ba725ae1b58a60c5c
Size: 64.78 kB - mariadb-server-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: e4e68299a780eeef813f36673ba35a77
SHA-256: 6f3f9556d0b7a75a48f69f24c48352370d5a11edbbf4d7a81f5ece5ee097122c
Size: 18.78 MB - mariadb-server-galera-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: 044c680f00d3a40d5bd2909005112e0a
SHA-256: 5a5493964b6fd987c540f87c4bb1f9831ec3e194bcd07a848a1678e1781cbd7d
Size: 65.35 kB - mariadb-server-utils-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: 6768c698a32b06f4f9007e97441a5a6e
SHA-256: 5c9fc42b6bde4f97f7010abd102116107d3f1aceba200b3151ab5a1136061d21
Size: 1.21 MB - mariadb-test-10.5.29-3.module+el8+1939+36065dc6.x86_64.rpm
MD5: 9c7f0fca07b1ba5c6c045e374e6ee3d3
SHA-256: f36a25c5757db96da9b792cd9b876f5e4f7fd21e42a8482bc38c459e55e0ebc0
Size: 31.69 MB