-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.0337
mariadb-10.1 security update
1 February 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: mariadb-10.1
Publisher: Debian
Operating System: Debian GNU/Linux
Impact/Access: Denial of Service -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2020-14812 CVE-2020-14765
Reference: ASB-2020.0176
ESB-2020.4527
ESB-2020.4427
ESB-2020.4309
Original Bulletin:
https://www.debian.org/lts/security/2021/dla-2538
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2538-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
January 31, 2021 https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------
Package : mariadb-10.1
Version : 10.1.48-0+deb9u1
CVE ID : CVE-2020-14765 CVE-2020-14812
Two vulnerabilities were fixed by upgrading the MariaDB database server
packages to the latest version on the 10.1 branch.
For Debian 9 stretch, these problems have been fixed in version
10.1.48-0+deb9u1.
We recommend that you upgrade your mariadb-10.1 packages.
For the detailed security status of mariadb-10.1 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mariadb-10.1
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmAXJxkACgkQiNJCh6LY
mLE/Zw/9GBX601InOmWcVYl/f5Z2CqevkGmMwBjDIr4Si2COYmYWNFWsdrDHj+gL
BTx9B+n5BRtQz12oZxKlAqRl27D8eScyvfuTe0ZBk/YDLCgtn2Oo+LlJmuc825RL
XGToX0RgGU6Apcmc2otprDVPAW/Wm4BjTKuOWmXhLsoHOddPuC8SEWHbebhJhZYd
CaVxSWR7OjPzcm0Y+JRu8p/LxYK/iEKWP/DKoCGUxW3pfTEvmeO31tDAHcS0CphB
2+WGxW+D/qITdiDsAGwS43UdWtbjkas1N4Y7VA2rymMGJS9NLd5y9G6+198jre8Z
6fcxbZ4GzaAYwG5iDLVPca6a3I0ux3r6p6pblS/TSTH4nZPfI3slNtFMszzS4PXf
hiPzwC6NekwyxzZ6AGfKYvA/+ASSPcoEueP+oeob31Rmov5Chjw9uhz9jBdy7QkR
Q0psDfczt8z93brXBN2u3Gwx7bgiuRJFYLxzAa0B3xmFF2Lp+4Ygw8LAu86Qug5P
wu23omp0CS4euWCe6ZEmQCVeGPc/PL3vexbjwsww7mnAHAVDwUJ2v8YY/TK+v/Od
Hbi4xYpkvWMeNTAoyegZSD+ocC0W5qjUepldreygcoJS2CS6zs7fCebfQVqbxAlJ
GgDE27hHJZfUlQuc+EoWzwox2andQrcupyt1/yOrPqMcOu9o29k=
=84hm
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYBdZ4eNLKJtyKPYoAQiOkw/+NNATRLPJxHKJCoptRhd+CJni85HHc6wJ
Y3gRBF8r2iKS5mEJMYyw2NrrBiljE4JsJZF1R4+Zefl80HjNwgKljwt3H6WzBFmg
5YZOBUQlDlwyyfqAne7DBb6Mb+Oe/+5GAVDFDwrCmF++Oc4QDDrZP/MNOgxmIL+b
0kOaubPUmrSxk3/0iiaPzD47yTeyinE1v5KYYenJkcwCtgTYe0o0uVmLqJOXb3F3
6xNIRWhTdSYdNclG88dPuG6o6vivfcGuZeUGOwpMfLntuxnCqc6jX5HW+Cejtfqz
/dA+t6bQMW7JK1sCYi5n7k+pBaU+pGssv0kZ7Av8K59CSZ1rCJnS3TP9UqJR7DQe
4SiBmsb8SkN2OwX2wktuF71qAf3BoISrBB4//EkVEGFGD9WuYDKX91ePUUp+PNbj
Rf5hz8njiLWjm8cIcPI+jkGzzJASQko9NZWNPHgEG8CGw2GTpxpCO2psuDyoiRbw
WvgOUYRXceKrF+tnf+TK5oNaEcwsy5u4NDr1TDRS7TuFuwUGXL/w+73jRB6yTItX
Z3f2Royh5RNS9k+5NHDyoipL7cbYB5/aLPUtyLmNFHJE/LpbdwkQ0ySq4y2AmRcP
oAwznl1PPhCvrp1FCasY2mlR4kVQcILds8KK3PUFmVH9FudmMD7Tr9AmjqZsZuDo
t2PBALWXNrU=
=Awtc
-----END PGP SIGNATURE-----
The post ESB-2021.0337 – [Debian] mariadb-10.1: Denial of service – Existing account appeared first on Malware Devil.
https://malwaredevil.com/2021/02/01/esb-2021-0337-debian-mariadb-10-1-denial-of-service-existing-account/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0337-debian-mariadb-10-1-denial-of-service-existing-account
No comments:
Post a Comment