[security - high] mariadb:10.3 security update

エラータID: AXSA:2026-040:01

リリース日: 
2026/01/15 Thursday - 19:42
題名: 
[security - high] mariadb:10.3 security update
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

Security Fix(es):

* mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation (CVE-2025-13699)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-13699
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of view names. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27000.

Modularity name: "mariadb"
Stream name: "10.3"

解決策: 

Update packages.

CVE: 
CVE-2025-13699
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of view names. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27000.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. asio-1.10.8-7.module+el8+1938+e490a79b.src.rpm
    MD5: db86ba76696cc5f67ee3620c3ce57d68
    SHA-256: e8c1811b0a8f8301fe2ac3e642a224fd3283c30a17876ea937fcf5ed3a765edd
    Size: 0.99 MB
  2. galera-25.3.37-1.module+el8+1938+e490a79b.src.rpm
    MD5: 850c9aabf7dfe65725c5dab424483425
    SHA-256: 9d7381cc34657e68a7b7631aa84711ad5c6679f2cd93b7a0a8fa84b51718bce8
    Size: 3.25 MB
  3. Judy-1.0.5-18.module+el8+1938+e490a79b.src.rpm
    MD5: 857337a7be07ae8091a8bf1dcd2dff9d
    SHA-256: 065c9e5c25f312113550a59d9e88e14b8a6495e1c7d5a9fd2eb3339abbd91fb8
    Size: 1.10 MB
  4. mariadb-10.3.39-2.module+el8+1938+e490a79b.src.rpm
    MD5: c8916755773a8274241d0f4ece69c004
    SHA-256: f4e13ee99ce3b39a53f48abd1ff734f244ff12e1f36dc23ca573eb9f673f0144
    Size: 65.60 MB

Asianux Server 8 for x86_64
  1. galera-25.3.37-1.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 1018de2e52032740508797852dee3740
    SHA-256: 6aa814603041f8ad185f2f6eaa8c1ea08419f52c7e601f99bc0a5799d1fe2bc7
    Size: 1.42 MB
  2. galera-debugsource-25.3.37-1.module+el8+1938+e490a79b.x86_64.rpm
    MD5: cfb300c61926f01533aea58c4fffee6c
    SHA-256: 64a0eb416f742269a938ee1aaf8df108246d593ca080d461676d51a3446a6e0a
    Size: 441.83 kB
  3. Judy-1.0.5-18.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 9752a12a5782a1068838d8152a3d61fb
    SHA-256: 7b1d24a2fafb03137e1fdae0aff29ca125df1cfd93a73a6793da9c1222166d91
    Size: 129.12 kB
  4. Judy-debugsource-1.0.5-18.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 0663938e9f5703febc9954abd602aa4b
    SHA-256: 5e1cb80cff16a0f9bb68aae4f0b22fd631fa0e2468e47fe8f82281d599f6b2c2
    Size: 157.63 kB
  5. mariadb-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: b5bc1af9a80fc5d6779288ee84e7c889
    SHA-256: 8db96d299bcbde5bbecc393a3cf1bf85d86c2a74c74e5be973e415c9d96fdbc8
    Size: 6.02 MB
  6. mariadb-backup-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 285b2a9ba053f82b7a969d250798f0af
    SHA-256: 33ebe0e7966b1c46c68d5619f66fa003198534d259019bb60dc376667743f01a
    Size: 6.08 MB
  7. mariadb-common-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 6e10894f7ac08b923470ac573439328f
    SHA-256: 0a67c172897f3c99920755ff370e339a667585c3362901fb93f3ddc871dd78c3
    Size: 63.32 kB
  8. mariadb-debugsource-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 9e022463ac3f6171ff04aedb9e1862e3
    SHA-256: 072a3d409d08d736a36e0e5177f26eb93f042a1698efc640dd13d2663d2188f9
    Size: 9.17 MB
  9. mariadb-devel-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: eb183c011e398ec30a3d19560b02b114
    SHA-256: 07a918168b031742ea9e415d0e87fa883cae2211be9b819a3597b9aec3df209c
    Size: 1.06 MB
  10. mariadb-embedded-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 71b49c76fd8a5fd539bbb8469c82142b
    SHA-256: 51ef2c1aa8f8d5a8b5b269d48794b5a6f1de50922445bd35de9e0e94e4e13282
    Size: 4.98 MB
  11. mariadb-embedded-devel-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: ee3cb0b3f42d44645cd8ec5dffce0e49
    SHA-256: 544bb92ae7f3c9c79f4a200cfabbc183bca987a33b8e372e2634e7a52d03169d
    Size: 43.88 kB
  12. mariadb-errmsg-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 33fd8107cf9da4d3b05448da0ffe742d
    SHA-256: 0b5d75da550ca2d7c6e7445fd22ee74190b6ea8e13b9c201e05829539c3acbc4
    Size: 233.82 kB
  13. mariadb-gssapi-server-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: bab42d9529682ae5b6ad5a2cda449ed3
    SHA-256: 3f9c4490f08f06dd535ed53afdb31d50f1dec98396c2536265d02d8e0daa3bfc
    Size: 50.71 kB
  14. mariadb-oqgraph-engine-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 9b6fbcac97e4be13462f440e0574c03c
    SHA-256: af14f573b2a418ed525bca44088e3f550a4eb0993333909781d32593adc84dda
    Size: 112.97 kB
  15. mariadb-server-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 4aa4f1f61eb34cb91c6d1833e566ed30
    SHA-256: 110c991041f88c2ddfe30714a919c4a31019b26a3b23483613774a0f4c866ea0
    Size: 16.43 MB
  16. mariadb-server-galera-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 871fc7cb729b9f8d1188aa542c603a02
    SHA-256: 830f25c078f058af17293b782fbd3ae41524391f2e266f6c85114df317533589
    Size: 60.49 kB
  17. mariadb-server-utils-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: dabde67d8a588972a57c3cc3726339f1
    SHA-256: ebd6442ab8e3891c736438913eca44d14db9bbda0f023fbaeb43ee14181fa4ca
    Size: 1.15 MB
  18. mariadb-test-10.3.39-2.module+el8+1938+e490a79b.x86_64.rpm
    MD5: 770f515fc54d8102dd1b0170f2df661a
    SHA-256: 2a2458f0fa8daf75cda1727f02412dbd1dae7cce8cb748e77deb2d45a6397dba
    Size: 36.42 MB