GNU bug report logs - #47257
mariadb is vulnerable to CVE-2021-27928 (RCE)

Previous Next

Package: guix;

Reported by: Léo Le Bouter <lle-bout <at> zaclys.net>

Date: Fri, 19 Mar 2021 10:26:02 UTC

Severity: normal

Tags: security

Done: Léo Le Bouter <lle-bout <at> zaclys.net>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Léo Le Bouter <lle-bout <at> zaclys.net>
To: 47257 <at> debbugs.gnu.org
Subject: bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928.
Date: Thu, 25 Mar 2021 13:48:41 +0100

[Message part 1 (text/plain, inline)]

v3 tested and builds fine:

$ ./pre-inst-env guix build mariadb
/gnu/store/f70jymwyfcnsghy4jg8caibci59p8rgq-mariadb-10.5.8-dev
/gnu/store/cj3qym1x1jjh02m2g23cqpbhchrbmn6c-mariadb-10.5.8-lib
/gnu/store/mpb5bdf1vkwazqfmmwcvskdm50g191bg-mariadb-10.5.8

Since we don't have PoC, I can't verify the rebased patch actually
fixes the security issue but it should. That's what we get when
manually rebasing stuff to earlier versions. Test suite passes but not
sure it actually tests this security issue being fixed.

Please review, then I will push, it's been 7 days so, let's get this
in.

[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 4 years and 114 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #47257 mariadb is vulnerable to CVE-2021-27928 (RCE)

GNU bug report logs - #47257
mariadb is vulnerable to CVE-2021-27928 (RCE)