GNU bug report logs - #47257
mariadb is vulnerable to CVE-2021-27928 (RCE)

Previous Next

Package: guix;

Reported by: Léo Le Bouter <lle-bout <at> zaclys.net>

Date: Fri, 19 Mar 2021 10:26:02 UTC

Severity: normal

Tags: security

Done: Léo Le Bouter <lle-bout <at> zaclys.net>

Bug is archived. No further changes may be made.

Full log

Message #49 received at 47257 <at> debbugs.gnu.org (full text, mbox):

From: Mark H Weaver <mhw <at> netris.org>
To: Léo Le Bouter <lle-bout <at> zaclys.net>, 47257 <at> debbugs.gnu.org
Subject: Re: bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928.
Date: Thu, 25 Mar 2021 21:16:59 -0400

Léo Le Bouter via Bug reports for GNU Guix <bug-guix <at> gnu.org> writes:

> v3 tested and builds fine:
>
> $ ./pre-inst-env guix build mariadb
> /gnu/store/f70jymwyfcnsghy4jg8caibci59p8rgq-mariadb-10.5.8-dev
> /gnu/store/cj3qym1x1jjh02m2g23cqpbhchrbmn6c-mariadb-10.5.8-lib
> /gnu/store/mpb5bdf1vkwazqfmmwcvskdm50g191bg-mariadb-10.5.8
>
> Since we don't have PoC, I can't verify the rebased patch actually
> fixes the security issue but it should. That's what we get when
> manually rebasing stuff to earlier versions. Test suite passes but not
> sure it actually tests this security issue being fixed.
>
> Please review, then I will push, it's been 7 days so, let's get this
> in.

Looks good to me.  Please push.  Thank you!

     Mark

This bug report was last modified 4 years and 50 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #47257 mariadb is vulnerable to CVE-2021-27928 (RCE)

GNU bug report logs - #47257
mariadb is vulnerable to CVE-2021-27928 (RCE)