{"id":"MGASA-2019-0335","summary":"Updated mariadb packages fix security vulnerabilities","details":"Updated mariadb packages fix security vulnerabilities:\n\nA vulnerability in Server: Optimizer contains an easily exploitable\nvulnerability allows low privileged attacker with network access via\nmultiple protocols to compromise the server. Successful attacks of this\nvulnerability can result in unauthorized ability to cause a hang or\nfrequently repeatable crash (complete DOS) (CVE-2019-2974).\n\nA vulnerability in InnoDB contains an Difficult to exploit vulnerability\nallows high privileged attacker with network access via multiple protocols\nto compromise the server. Successful attacks of this vulnerability can\nresult in unauthorized ability to cause a hang or frequently repeatable\ncrash (complete DOS) (CVE-2019-2938).\n","modified":"2026-02-04T03:52:38.691918Z","published":"2019-11-19T21:16:53Z","related":["CVE-2019-2938","CVE-2019-2974"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0335.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25691"}],"affected":[{"package":{"name":"mariadb","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/mariadb?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.3.20-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0335.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}