mariadb:10.3 security update

エラータID: AXSA:2021-1698:01

リリース日: 
2021/04/21 Wednesday - 06:41
題名: 
mariadb:10.3 security update
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- MariaDB には、信頼されないサーチパスが EVAL インジェクションを引き起こし、
データベースのスーパーユーザーが wsrep_provider と wsrep_notify_cmd を変更した後に
OS コマンドを実行できる脆弱性があります。(CVE-2021-27928)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2021-27928
A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. asio-1.10.8-7.module+el8+1234+a2369e54.src.rpm
    MD5: 7d127ecc5f037fc2ac03b41485088040
    SHA-256: 573fc15249c2ed5be7a2b296cb206979f0d12d2cac9d5a20b9c5f045198c68a3
    Size: 0.99 MB
  2. galera-25.3.32-1.module+el8+1234+a2369e54.src.rpm
    MD5: 7cf351114d163793874f89f4d34493e8
    SHA-256: 89bbfce7cc385a7665da47891aeee66500a1711562f74b6ce2e68d2bd6457ec7
    Size: 3.24 MB
  3. Judy-1.0.5-18.module+el8+1234+a2369e54.src.rpm
    MD5: 68545428003c42d018d61925cd43234c
    SHA-256: bef042cc2904a5515e46e0b3fc441a33c5fb07151e4d63bc9d35702545ac8ecc
    Size: 1.10 MB
  4. mariadb-10.3.28-1.module+el8+1234+a2369e54.src.rpm
    MD5: 1ca23fcdba0ddb89269c884d20c2cdf6
    SHA-256: 559ff3c802e5ecf5e0bc23b6972d2bee85f92056f4dd4a5c83efa2294d9f584e
    Size: 64.22 MB

Asianux Server 8 for x86_64
  1. galera-25.3.32-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: 951dc3ec0f280908a75da86b78e6ea53
    SHA-256: 6ad8ebdcc3063c78a551b7542310f4850ccc05920135ad47b2d44ac99827413e
    Size: 1.32 MB
  2. galera-debugsource-25.3.32-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: bec55cceb39c951c68cfef6fe0d319ab
    SHA-256: fe8ddb60777b71e500c62d42a7c11c1e03d9576044711ec45b6b3e4f6b328e57
    Size: 461.15 kB
  3. Judy-1.0.5-18.module+el8+1234+a2369e54.x86_64.rpm
    MD5: aec989cd59881c031da68a8dd5ffea36
    SHA-256: 6327115ec2b28de136947131635fb9b66ece2e6f76d9ebb0dd1f3efa2b8cc226
    Size: 129.10 kB
  4. Judy-debugsource-1.0.5-18.module+el8+1234+a2369e54.x86_64.rpm
    MD5: 9e1eab3eacb6aa1216989eadb6d58965
    SHA-256: 8ed7959702326356d7a71117e6097f724cd3bb67a58078ccd873ce69a27fc50d
    Size: 157.63 kB
  5. mariadb-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: 4d64fb8241022c7508ea63f3ee1b4014
    SHA-256: daa8602bee5f1a973a1c7910c5c66896c9cf4f3f18352dc40537b8edcc40302d
    Size: 6.02 MB
  6. mariadb-backup-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: 5306f0ff3236e3cc5424a61c50a0be5c
    SHA-256: c858d339f3dfb0156727783d28b61d099b006da6ea7b071466acf9c001f58e0b
    Size: 6.05 MB
  7. mariadb-common-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: 2c3f3b3b0866ec918a157a1d3116f7f8
    SHA-256: 4cd242aa1ae271c7527c21fccaef26bc38a52cb927d9134c21357f6943aec55d
    Size: 62.39 kB
  8. mariadb-debugsource-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: 3d264623ccc5177bc53cafc45553470a
    SHA-256: 9681337038156e5c0f2d3b0a4fc1dbc0fa2cbe76e8463e7d4d8b5fa45c9e12d7
    Size: 9.11 MB
  9. mariadb-devel-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: 13bcb6a2f1fb0ba2665bb37712b83d10
    SHA-256: 2e6c9f49af361717bafa6cb25e93da83e05cbadcd28514e2148ffc978a1e59f0
    Size: 1.05 MB
  10. mariadb-embedded-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: f9571809758f3636bb5789b5d2f16aae
    SHA-256: 344e7f83deb5f22d87e44f6488c0d1a06b4f48845676cc6e43c2b9d680371dfc
    Size: 4.94 MB
  11. mariadb-embedded-devel-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: ff33a8f0b53de122bcc970daf5009100
    SHA-256: f8128a2b4a65f5c92d44f095ca120b544f6ed20df2f42fb401fa3a64b2666968
    Size: 42.96 kB
  12. mariadb-errmsg-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: ecd07d5ee5a5ac6012873336ac45a348
    SHA-256: f8ccfc5907e212c20b9de9bcbb53a48b9459555c786638afd09fbc90d57b7620
    Size: 232.67 kB
  13. mariadb-gssapi-server-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: 3556c94102a41aaf014368eed9167733
    SHA-256: b2488018e3f35a3026d94b2386e3cf0694d3db9b16f01b4532dfab0927348ab4
    Size: 49.76 kB
  14. mariadb-oqgraph-engine-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: 9302ee3b2bd31f37634e8f5be44b5253
    SHA-256: 8c24877a6019b595dc2589f48b1784cdc444abb6f8969f7baa01c9bbc9515a6b
    Size: 112.08 kB
  15. mariadb-server-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: d3493cd21d48f0bc1ba12b5beeed0c7a
    SHA-256: e0e42c17d819dfcb1520feafa23b478849c4b28d199c9f3e143a8b1d77ebf9d9
    Size: 16.14 MB
  16. mariadb-server-galera-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: c6a0acea49fbd99b69c9017f8e1fb678
    SHA-256: 77a732a6f0bac96b2cb4c1f1c7911373da803152aed16da6614b975b95b074ff
    Size: 59.56 kB
  17. mariadb-server-utils-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: fe41d8eb57a768b78f3d3ce5b4949593
    SHA-256: 32fb1e261a7e3a322ae2c87eb2fbd38e7c2a54cf35f15971d5ad08d9abe0938a
    Size: 1.14 MB
  18. mariadb-test-10.3.28-1.module+el8+1234+a2369e54.x86_64.rpm
    MD5: acc7b3357351698fd0052d6e3ecc06a7
    SHA-256: 4b21b9354c386ced32e71f17bfc02735fda2b28e874ba0230bce9f951db17629
    Size: 36.89 MB