Red Hat Security Advisory 2023-5259-01

Red Hat Security Advisory 2023-5259-01: Posted Sep 20, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5259-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include a null pointer vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-32084, CVE-2022-32091, CVE-2022-38791, CVE-2022-47015; SHA-256 | fcb9cf83c6e24bb24fa8b684964413cdba902fd0f743dd59e47adbcd73ba28de; Download | Favorite | View

Red Hat Security Advisory 2023-5259-01

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: mariadb:10.3 security, bug fix, and enhancement update
Advisory ID:       RHSA-2023:5259-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:5259
Issue date:        2023-09-19
CVE Names:         CVE-2022-32084 CVE-2022-32091 CVE-2022-38791 
                   CVE-2022-47015 
=====================================================================

1. Summary:

An update for the mariadb:10.3 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL.

The following packages have been upgraded to a later upstream version:
mariadb (10.3). (BZ#2223572, BZ#2223574, BZ#2223962, BZ#2223965)

Security Fix(es):

* mariadb: segmentation fault via the component sub_select (CVE-2022-32084)

* mariadb: server crash in JOIN_CACHE::free or in copy_fields
(CVE-2022-32091)

* mariadb: compress_write() fails to release mutex on failure
(CVE-2022-38791)

* mariadb: NULL pointer dereference in spider_db_mbase::print_warnings()
(CVE-2022-47015)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* [MariaDB 10.3.32] socat: E Failed to set SNI host "" (SST failure)
(BZ#2223961)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2106034 - CVE-2022-32084 mariadb: segmentation fault via the component sub_select
2106042 - CVE-2022-32091 mariadb: server crash in JOIN_CACHE::free or in copy_fields
2130105 - CVE-2022-38791 mariadb: compress_write() fails to release mutex on failure
2163609 - CVE-2022-47015 mariadb: NULL pointer dereference in spider_db_mbase::print_warnings()
2223572 - [Tracker] Rebase to MariaDB 10.3.39 [rhel-8.8.0.z]
2223574 - [Tracker] Rebase to Galera 25.3.37 [rhel-8.8.0.z]
2223961 - [MariaDB 10.3.32] socat: E Failed to set SNI host "" (SST failure) [rhel-8.8.0.z]
2223962 - [MariaDB 10.3] JSON_VALUE() does not parse NULL properties properly [rhel-8.8.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
Judy-1.0.5-18.module+el8+2765+cfa4f87b.src.rpm
galera-25.3.37-1.module+el8.8.0+19444+aac3c36b.src.rpm
mariadb-10.3.39-1.module+el8.8.0+19673+72b0d35f.src.rpm

aarch64:
Judy-1.0.5-18.module+el8+2765+cfa4f87b.aarch64.rpm
Judy-debuginfo-1.0.5-18.module+el8+2765+cfa4f87b.aarch64.rpm
Judy-debugsource-1.0.5-18.module+el8+2765+cfa4f87b.aarch64.rpm
galera-25.3.37-1.module+el8.8.0+19444+aac3c36b.aarch64.rpm
galera-debuginfo-25.3.37-1.module+el8.8.0+19444+aac3c36b.aarch64.rpm
galera-debugsource-25.3.37-1.module+el8.8.0+19444+aac3c36b.aarch64.rpm
mariadb-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-backup-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-backup-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-common-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-debugsource-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-devel-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-embedded-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-embedded-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-embedded-devel-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-errmsg-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-gssapi-server-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-gssapi-server-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-oqgraph-engine-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-oqgraph-engine-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-server-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-server-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-server-galera-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-server-utils-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-server-utils-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-test-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm
mariadb-test-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.aarch64.rpm

ppc64le:
Judy-1.0.5-18.module+el8+2765+cfa4f87b.ppc64le.rpm
Judy-debuginfo-1.0.5-18.module+el8+2765+cfa4f87b.ppc64le.rpm
Judy-debugsource-1.0.5-18.module+el8+2765+cfa4f87b.ppc64le.rpm
galera-25.3.37-1.module+el8.8.0+19444+aac3c36b.ppc64le.rpm
galera-debuginfo-25.3.37-1.module+el8.8.0+19444+aac3c36b.ppc64le.rpm
galera-debugsource-25.3.37-1.module+el8.8.0+19444+aac3c36b.ppc64le.rpm
mariadb-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-backup-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-backup-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-common-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-debugsource-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-devel-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-embedded-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-embedded-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-embedded-devel-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-errmsg-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-gssapi-server-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-gssapi-server-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-oqgraph-engine-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-oqgraph-engine-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-server-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-server-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-server-galera-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-server-utils-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-server-utils-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-test-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm
mariadb-test-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.ppc64le.rpm

s390x:
Judy-1.0.5-18.module+el8+2765+cfa4f87b.s390x.rpm
Judy-debuginfo-1.0.5-18.module+el8+2765+cfa4f87b.s390x.rpm
Judy-debugsource-1.0.5-18.module+el8+2765+cfa4f87b.s390x.rpm
galera-25.3.37-1.module+el8.8.0+19444+aac3c36b.s390x.rpm
galera-debuginfo-25.3.37-1.module+el8.8.0+19444+aac3c36b.s390x.rpm
galera-debugsource-25.3.37-1.module+el8.8.0+19444+aac3c36b.s390x.rpm
mariadb-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-backup-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-backup-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-common-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-debugsource-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-devel-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-embedded-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-embedded-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-embedded-devel-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-errmsg-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-gssapi-server-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-gssapi-server-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-oqgraph-engine-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-oqgraph-engine-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-server-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-server-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-server-galera-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-server-utils-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-server-utils-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-test-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm
mariadb-test-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.s390x.rpm

x86_64:
Judy-1.0.5-18.module+el8+2765+cfa4f87b.x86_64.rpm
Judy-debuginfo-1.0.5-18.module+el8+2765+cfa4f87b.x86_64.rpm
Judy-debugsource-1.0.5-18.module+el8+2765+cfa4f87b.x86_64.rpm
galera-25.3.37-1.module+el8.8.0+19444+aac3c36b.x86_64.rpm
galera-debuginfo-25.3.37-1.module+el8.8.0+19444+aac3c36b.x86_64.rpm
galera-debugsource-25.3.37-1.module+el8.8.0+19444+aac3c36b.x86_64.rpm
mariadb-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-backup-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-backup-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-common-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-debugsource-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-devel-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-embedded-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-embedded-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-embedded-devel-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-errmsg-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-gssapi-server-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-gssapi-server-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-oqgraph-engine-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-oqgraph-engine-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-server-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-server-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-server-galera-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-server-utils-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-server-utils-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-test-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm
mariadb-test-debuginfo-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-32084
https://access.redhat.com/security/cve/CVE-2022-32091
https://access.redhat.com/security/cve/CVE-2022-38791
https://access.redhat.com/security/cve/CVE-2022-47015
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJlCb3ZAAoJENzjgjWX9erEDxEP/Aq+wfTm3Ops51Y9JC/obwkp
HkxuJNiHTQT0JK6d3ESOE2/mIi0raSjpKRhJW3MnyDrJwNeZoTd93t1FaTAkAkA9
U1za0tzSCvHv1vNz7ieB4DfrvVyW12oqBI26mckkRvuSfGli+yVZnKA9MinLVw+w
E2V5l0yvvlTzNCqm5W4B1WeYTzHvYJz3bIuVcVWEBiIqpl6pjl086EhZZgttNEbW
9MG67YqpAftxzP/PEJG57vIGNLrpUJu6k2OYTmOCWOwkE8JOvznTbqmtyoV8BPVT
taokxWeLEZGvXSoNBfTZkON4Fvcx04eFzFXEObptHOajeeg9tmudE+GR6bjr0PJE
5TDUOc45JGHbBKwDkX2qZCMtCHOXKirx83oQcZAbSzHCCk9zi/3nfWp3CZhpP8TI
0/BUBJCmyzpNxehEMgiEFf62CQMS9h2FZvvdI5QgHQPVLPye2y9NWbwYyABI6mX4
IwuOBHLkRoUej7pgjUvPAWYfQyEomUWegi6Jp0Vo6Pf8Jr0QCYh4J6HDGKoEO6uk
Tdo1z1q0YIiv2a0EMWN3j+3fOweKJaPFGJiiOzRV/bsVzJR/TPHrsReWbkYplHmb
VVLPRg4vtwqdSILgpNzF2E5qwwdN90wA2IIEWLruHw/H75a5+ZdeYzIadZvaFL7E
sttMS85nL+3ugr4OSLB9
=lKOL
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Top Authors In Last 30 Days

Red Hat 236 files
Ubuntu 90 files
Gentoo 31 files
Debian 23 files
tmrswrr 10 files
Sina Kheirkhah 7 files
Amit Roy 4 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,077)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,339)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,263)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,651)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

Red Hat Security Advisory 2023-5259-01

Red Hat Security Advisory 2023-5259-01

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Red Hat Security Advisory 2023-5259-01

Share This

Red Hat Security Advisory 2023-5259-01

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems