[SECURITY] [DLA 4074-1] mariadb-10.5 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4074-1] mariadb-10.5 security update
From: Sylvain Beucler <beuc@beuc.net>
Date: Sat, 1 Mar 2025 12:08:41 +0100
Message-id: <[🔎] Z8LquSJyKIV7BduA@mail.beuc.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4074-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Otto Kekäläinen
March 01, 2025                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : mariadb-10.5
Version        : 1:10.5.28-0+deb11u1
CVE ID         : CVE-2025-21490

A vulnerability was discovered in MariaDB, a SQL database server
compatible with MySQL. A privileged attacker could cause a
Denial-of-Service (DoS) of the MariaDB server.

This updates also includes bugfixes through the 10.5 maintenance
branch, as detailed at:
https://mariadb.com/kb/en/mariadb-10-5-27-release-notes/
https://mariadb.com/kb/en/mariadb-10-5-28-release-notes/

For Debian 11 bullseye, this problem has been fixed in version
1:10.5.28-0+deb11u1.

We recommend that you upgrade your mariadb-10.5 packages.

For the detailed security status of mariadb-10.5 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mariadb-10.5

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmfC6isACgkQDTl9HeUl
XjB3cw/+OS4VePwhvz3IT2sZNiic1W2x/HlkavxwYfaR4iyp63f3c/bZI7rdOkIK
ijwIsBQbAyxLzWvJbJr/UaA10AoJ3N80F1B3OEXXHXc63leOZQ9qSsLSyGi30R/X
FPdhBQOuGPOesNMPXJhqoxNfom2IsrxLCvfk0bc0E4SG78ONID+SznqctTzUyzGF
FfxuefWssXuslIftUmxQwk3wr58SKUxxDVS54IyG3sUVJkhfa3gkch0KyWQmA+Az
ijH6X1eGUvvB+AZNbJpZPqLfthQpdH79p9mMauyZia52TKPzSPipJaKRDqXtn2d0
15o3ARuNP5IiBDR7PuK2WUUERGonhI5zcI7RGc5GjLiH19GhGzhD6L5BxN8kdfRL
zmDwwiYiExhQ51cjicSmDELUcA+ceBccMp/ue3BSzto9FBLjr1UXsf86cX/P1Jgq
jLAKB5hXOYpb1xbok/qnLPm7mac5p3ZWBiz3zZl6p/Nd3jS50IOsOVSQaijVjL8b
DljwP0kOrOGeoRFU1q0aYPlFdtuJEbtyOGdPgvEAWsY2ze7T8Acmn87vdt4loA13
UnzGi76Fml9Fo/TPVUuHO9t7g6JH634TOCpZsKk7UrybrkzFeH1Sx8SMMjuAQjzR
PRbkr3LIiddzmRGO5mA0+/I7utfkUgZajXcLAoT8vtqDcaLMZtA=
=8xf6
-----END PGP SIGNATURE-----

Reply to:

Next by Date: [SECURITY] [DLA 4076-1] linux-6.1 security update
Next by thread: [SECURITY] [DLA 4076-1] linux-6.1 security update
Index(es):
- Date
- Thread