This bug was fixed in the package mariadb - 1:10.11.8-0ubuntu0.24.04.1
---------------
mariadb (1:10.11.8-0ubuntu0.24.04.1) noble-security; urgency=medium
* SECURITY UPDATE: New upstream version 10.11.8 includes fixes for regressions
as noted at https://mariadb.com/kb/en/mariadb-10-11-8-release-notes/ and
also fixes the following security vulnerabilities (LP: #2067125):
- CVE-2024-21096
* Drop multiple patches dropped upstream, and re-import PR#2541 which had been
rebased in the original (and still open) PR.
* Remove libmariadb file no longer present in MariaDB Connector C v3.3
* Update client program 'mariadb' trace to match new libmariadb v3.3
* Update server trace to include new parameters and values
* Note that upstream dropped support for pmem as Red Hat does not support it,
but we continue to use it in Ubuntu
* Also note upstream updated the MariaDB Connector C library (libmariadb)
from v3.2 to 3.3 in this stable maintenance release, but it does not cause
any issues as the soname and list of public symbols continues to be exactly
same as before
-- Otto Kekäläinen <o...@debian.org> Fri, 24 May 2024 19:26:56 -0700
** Changed in: mariadb (Ubuntu Noble)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-21096
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2067125
Title:
CVE-2024-21096 et al affects MariaDB in Ubuntu
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb/+bug/2067125/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
