[SECURITY] [DLA 4154-1] mariadb-10.5 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4154-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Bastien Roucariès
May 07, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : mariadb-10.5
Version : 1:10.5.28-0+deb11u2
CVE ID : CVE-2023-52969 CVE-2023-52970
MariaDB a popular database engine was affected by
two vulnerabilties.
CVE-2023-52969
MariaDB crashed with an empty backtrace log.
CVE-2023-52970
MariaDB crashed in function
Item_direct_view_ref::derived_field_transformer_for_where.
For Debian 11 bullseye, these problems have been fixed in version
1:10.5.28-0+deb11u2.
We recommend that you upgrade your mariadb-10.5 packages.
For the detailed security status of mariadb-10.5 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mariadb-10.5
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmgbgAoACgkQADoaLapB
CF8vMA/5AafNeYtwpXJVoS9jURLjjP4pNTXwrRKM+vfmFKirh9QzKYZ6kjHWS36E
PMpmdpkQoGiNoyVS1OVLkX5HFoKkstdGloFa+cc4ViRwOjfL12PeMYKT3JaUd8Kb
u2xbC1A+cw6L+pHdyr/Per5bXVRZkF0s86RpnEDQ9dONgCza7OV/NrJ+pc0uunf9
2fQaJnYs+/ImTRxWa9vz+JGCloVhaxImPssXpm8dnofU5Dk1Xal5FuxGPJ/hAnaW
LoghGLhby4qNgtsyEClVkr+0NSeDt9GzvkOE6EsaamC3kB3ZuGULXsqWTTb4GfRj
Hs8f1B8tnJR2uaG0jhsOATMkxfsHGe5hUpTIeVMGM19Qpey8cYHYJgqAtk7QHZ/S
nOcnA7OjvatKJ1FtJQKR5AKSlary6PUHLuX4LO+5yDLoWGvCQrfKCcxts40NTfEx
K4Su/MZTr2Cyp8Wv2o3sqDXbEZlm0wrYb/xY2XG0CMf4zQ/SGwHrzGUXgRSQ20o/
q4bcR6UL8UKykLJnzPD24caLUghQwropBYV6Ckgx+PNfBvzzIdcIuyNqohyKm6zI
MDMOKN8aGFpG5EPhfjHNxfSV0YqTieOEQ1fB4XGhcf08HyR3hVgtNgAspPBbCFxV
734jOLy3ZH60vjK1nrBVFaAQJFUMR7rTRDqt2tHROS6UXoYR2/8=
=Ch0+
-----END PGP SIGNATURE-----
Reply to: