mariadb:10.5 security update
エラータID: AXSA:2025-9615:01
リリース日:
2025/01/31 Friday - 20:27
題名:
mariadb:10.5 security update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- MySQL の InnoDB コンポーネントには、リモートの攻撃者
により、複数のプロトコルによるネットワークアクセスを
介して、サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2023-22084)
- MySQL の mysqldump コマンドには、認証されていない
ローカルの攻撃者により、不正なデータの操作 (挿入、更新、
削除) やデータの読み取り、およびサービス拒否攻撃 (ハング
アップやクラッシュの発生) を可能とする脆弱性が存在します。
(CVE-2024-21096)
Modularity name: mariadb
Stream name: 10.5
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-22084
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21096
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
追加情報:
N/A
ダウンロード:
SRPMS
- asio-1.10.8-7.module+el8+1845+95cb10f9.src.rpm
MD5: ccb2f5ef98511bde5c516dfab4e68c06
SHA-256: 9d2a629fce1f3c474203c59afc5c80ef842f940482b1e0952495ebeb3b753746
Size: 0.99 MB - galera-26.4.20-1.module+el8+1845+95cb10f9.src.rpm
MD5: 48753fd83e10ff2c723e23814875466d
SHA-256: 7dbf3b17bacb2cae374b170615c8ff9ff5abd54ba729e84ceec847eddc6207e2
Size: 3.58 MB - Judy-1.0.5-18.module+el8+1845+95cb10f9.src.rpm
MD5: bb43c588672c2cbdfdd85e50603dc55d
SHA-256: 2a80b4e4c455b0c17af44fa888573c98ce0cdb54a97777595ebe467a9b1bb0cb
Size: 1.10 MB - mariadb-10.5.27-1.module+el8+1845+95cb10f9.src.rpm
MD5: ca2838b335333c3eff740c3d98ba468f
SHA-256: 95adaf3442268664e67b620fd03f145df6cdb2a0d71e782385b5bf124552cbe3
Size: 93.32 MB
Asianux Server 8 for x86_64
- galera-26.4.20-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 621b579b8faf6d757c8dbcdf3720d4dc
SHA-256: 3c3ff73e986556e2c488e8392409fa6c5e3ed92d2a48ed4dec044e66f2619caa
Size: 1.65 MB - galera-debugsource-26.4.20-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 8b14bb369a82c19b4401334542406ac4
SHA-256: 4cf8e0b0370d45d9ab02255a39de1a9c7cedfe3b9fe6ec52ebba1d589e7181f7
Size: 703.85 kB - Judy-1.0.5-18.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 4f1cb88cb1c501dc6f5040989a35c2ed
SHA-256: 2ffd2ce83ca42541d597aa543893185b57b6dc31639b7c0b166621b50624bb16
Size: 129.13 kB - Judy-debugsource-1.0.5-18.module+el8+1845+95cb10f9.x86_64.rpm
MD5: ff7c4ab6fb26387b72c39285fac5a744
SHA-256: 10f9a6c8adcf1990a36a7767bb8eaa64174fd2ecac5b64ad4cf03a711848e49b
Size: 157.62 kB - mariadb-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 13e19bf6fd887fd17acb4ebea73e7273
SHA-256: 20fc4cbc6f814d65bd490f2a315a0c40cb179a24ce16f24f0e0cceaabedcbf24
Size: 6.35 MB - mariadb-backup-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 20853e4a6472d2d97205e4b0d5f66eae
SHA-256: 56981ad7037809939a4da897af6d2d634f9e1f9c326ac6c74b51eb796ea39997
Size: 7.10 MB - mariadb-common-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 482e39c61e15cf852011c3ddab00535b
SHA-256: 7df6e24a1dbcdd13128559c74fa2f77722e6fe232ec7164591eca0cf88426e30
Size: 67.87 kB - mariadb-debugsource-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 2159148cf0e71b38d7755f4e1756f309
SHA-256: b16bdcc7ca400b1dbae5df6362f2342020e66831344e5dd0450210575eba2cde
Size: 10.28 MB - mariadb-devel-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: e970181521c23c8019aa16bb176f4068
SHA-256: 093c7eb7004a755521a298e13b4ff418c8fa717683f11f522e3eaf299e9451de
Size: 1.19 MB - mariadb-embedded-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: d033814dee537b87ae006eea0f81ce8b
SHA-256: 79cf1f242b3bfe2a0ba40c97a2de5c02c5039d524a80856f9eb7e78b7425e62c
Size: 5.62 MB - mariadb-embedded-devel-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 3a1e44d0e850dd0cdb63f96dca14ebaa
SHA-256: c5ee53cc4579b87f4891565315daf89585f294f4317b22e0f5d5d092a58fcccb
Size: 48.48 kB - mariadb-errmsg-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 019b4470701e4ef8106126327a624a42
SHA-256: 9dfd57b8f2bfbd4d7baa55691ca4f44930d1b17678f95a800c8d074809ecab8b
Size: 271.89 kB - mariadb-gssapi-server-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 3f4263715420136e2f76dd54079b71b0
SHA-256: 756cae3ab5ff7582d441421afb8411cddf45f7d456ccd484b28b7e6dfaafc2ba
Size: 55.32 kB - mariadb-oqgraph-engine-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: b5e79a2b169c5a4b28b8713e68f2722f
SHA-256: ecd0e62017e1bd02fce8e9a06e6809e4526a883db62a9ec25d6ce6259b106de4
Size: 118.27 kB - mariadb-pam-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 04f772df5241315b12cf0dca73284541
SHA-256: ea00b7678b3094fe33e5d842209bf8659a9690443ebd95663b3099d1a1090fb2
Size: 64.56 kB - mariadb-server-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: c9fbbe0270b607e409dadf8426ca97c3
SHA-256: 265c4b36b5a420bb3d50c0ac8391051dae7aea2c7804e1a4fe58a82ad3d71bdc
Size: 18.78 MB - mariadb-server-galera-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 5535143367d4810f20ac2f59db841671
SHA-256: dab9b4c368891b1b09d583ff022598703d0f7f43733ece203aaa1f1416ebb41d
Size: 65.13 kB - mariadb-server-utils-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 0100ae345a2c56a758f70b8ec00dd229
SHA-256: 10d4d215a592331a0a0f275aa3203fe627253473881bc27c4b1f9a0b7f38a2c1
Size: 1.21 MB - mariadb-test-10.5.27-1.module+el8+1845+95cb10f9.x86_64.rpm
MD5: 99f3dba289bd094b7731c452d61371fd
SHA-256: e49f2b55b05f0a0d4698c19dea32f1f4ea5b77aa9b8e2d34be96c993f9fe4c80
Size: 31.42 MB
English