starlingx/tools
Code Issues Proposed changes

Debian: mariadb: fix multiple CVEs

Browse Source 
Upgrade libmariadb-dev to 10.5.28-0+deb11u2
Upgrade libmariadb-dev-compat to 10.5.28-0+deb11u2
Upgrade libmariadb3 to 10.5.28-0+deb11u2
Upgrade mariadb-common to 10.5.26-0+deb11u2

CVE-2025-21490: https://nvd.nist.gov/vuln/detail/CVE-2025-21490
CVE-2023-52969: https://nvd.nist.gov/vuln/detail/CVE-2023-52969
CVE-2023-52970: https://nvd.nist.gov/vuln/detail/CVE-2023-52970

https://security-tracker.debian.org/tracker/DLA-4074-1
https://www.tenable.com/plugins/nessus/216982
https://security-tracker.debian.org/tracker/DLA-4154-1
https://www.tenable.com/plugins/nessus/235499

TestPlan:
PASS: downloader; build-pkgs
PASS: build-image
PASS: install on SX-lab (VBox)

Closes-Bug: 2103576
Closes-Bug: 2111238

Change-Id: I4739665d66eeb13062e7ae3c9cc206b8097694fa
Signed-off-by: Joao Tognolli Jr <Joao.TognolliJunior@windriver.com>
This commit is contained in:
Joao Tognolli Jr
2025-05-22 09:33:05 -03:00
parent a457d1e943
commit e6a06670a0
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
debian-mirror-tools/config/debian/common/base-bullseye.lst
View File

@@ -507,9 +507,9 @@ liblz4-1 1.9.3-2
liblzma5 5.2.5-2.1~deb11u1 https://snapshot.debian.org/archive/debian/20220422T213035Z/pool/main/x/xz-utils/liblzma5_5.2.5-2.1~deb11u1_amd64.deb
libmagic1 1:5.39-3+deb11u1 https://snapshot.debian.org/archive/debian-security/20230904T194428Z/pool/updates/main/f/file/libmagic1_5.39-3%2Bdeb11u1_amd64.deb
libmagic-mgc 1:5.39-3+deb11u1 https://snapshot.debian.org/archive/debian-security/20230904T194428Z/pool/updates/main/f/file/libmagic-mgc_5.39-3%2Bdeb11u1_amd64.deb
libmariadb-dev 1:10.5.26-0+deb11u2 https://snapshot.debian.org/archive/debian-security/20240918T043331Z/pool/updates/main/m/mariadb-10.5/libmariadb-dev_10.5.26-0%2Bdeb11u2_amd64.deb
libmariadb-dev-compat 1:10.5.26-0+deb11u2 https://snapshot.debian.org/archive/debian-security/20240918T043331Z/pool/updates/main/m/mariadb-10.5/libmariadb-dev-compat_10.5.26-0%2Bdeb11u2_amd64.deb
libmariadb3 1:10.5.26-0+deb11u2 https://snapshot.debian.org/archive/debian-security/20240918T043331Z/pool/updates/main/m/mariadb-10.5/libmariadb3_10.5.26-0%2Bdeb11u2_amd64.deb
libmariadb-dev 1:10.5.28-0+deb11u2 https://snapshot.debian.org/archive/debian-security/20250519T175619Z/pool/updates/main/m/mariadb-10.5/libmariadb-dev_10.5.28-0%2Bdeb11u2_amd64.deb
libmariadb-dev-compat 1:10.5.28-0+deb11u2 https://snapshot.debian.org/archive/debian-security/20250519T175619Z/pool/updates/main/m/mariadb-10.5/libmariadb-dev-compat_10.5.28-0%2Bdeb11u2_amd64.deb
libmariadb3 1:10.5.28-0+deb11u2 https://snapshot.debian.org/archive/debian-security/20250519T175619Z/pool/updates/main/m/mariadb-10.5/libmariadb3_10.5.28-0%2Bdeb11u2_amd64.deb
libmaxminddb0 1.5.2-1
libmd0 1.0.3-3
libmm-glib0 1.14.12-0.2
@@ -820,7 +820,7 @@ m4 1.4.18-5
mailcap 3.69
make 4.3-4.1
man-db 2.9.4-2
mariadb-common 1:10.5.26-0+deb11u2 https://snapshot.debian.org/archive/debian-security/20240918T044328Z/pool/updates/main/m/mariadb-10.5/mariadb-common_10.5.26-0%2Bdeb11u2_all.deb
mariadb-common 1:10.5.28-0+deb11u2 https://snapshot.debian.org/archive/debian-security/20250519T175619Z/pool/updates/main/m/mariadb-10.5/mariadb-common_10.5.28-0%2Bdeb11u2_all.deb
mawk 1.3.4.20200120-2
mdadm 4.1-11
media-types 4.0.0