mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
Yogita Urade
5bc652be7a
CVE-2023-52969: MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2. CVE-2023-52970: MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., 11.0 through 11.0., and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where. CVE-2023-52969-CVE-20230-52970-0001 and CVE-2023-52969-CVE-20230-52970-0002 are dependent commits while CVE-2023-52969-CVE-20230-52970-0003 and CVE-2023-52969-CVE-20230-52970-0004 are actual CVE fixes. References: https://nvd.nist.gov/vuln/detail/CVE-2023-52969 https://nvd.nist.gov/vuln/detail/CVE-2023-52970 Upstream patches: https://github.com/MariaDB/server/commit/e6403733897483bed249875f0f3e5e9937ca2b38 https://github.com/MariaDB/server/commit/d98ac8511e39770ef3d8b42937c84e876d1459e https://github.com/MariaDB/server/commit/9b313d2de1df65626abb3b1d6c973f74addb12fb https://github.com/MariaDB/server/commit/4fc9dc84b017cf9f30585bcdef0663f9425fe460 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta-oe ======= This layer depends on: URI: git://github.com/openembedded/openembedded-core.git branch: kirkstone luajit recipe requires host compiler to be able to generate 32bit code when target is 32bit e.g. arm, so ensure that $CC -m32 is functional on build host, if building this recipe, needed packages to fullfit this might have different names on different host distributions e.g. on archlinux based distributions install prerequisites like below pacman -S lib32-gcc-libs lib32-glibc Ubuntu sudo apt-get install gcc-multilib linux-libc-dev:i386 Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe][kirkstone]' in the subject' When sending single patches, please use something like: 'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix="meta-oe][kirkstone][PATCH"' You are encouraged to fork the mirror on GitHub https://github.com/openembedded/meta-openembedded to share your patches, this is preferred for patch sets consisting of more than one patch. Other services like GitLab, repo.or.cz or self-hosted setups are of course accepted as well, 'git fetch <remote>' works the same on all of them. We recommend GitHub because it is free, easy to use, has been proven to be reliable and has a really good web GUI. layer maintainer: Armin Kuster <akuster808@gmail.com>