{"id":"USN-5170-1","summary":"mariadb-10.3, mariadb-10.5 vulnerability","details":"A security issue was discovered in MariaDB and this update includes\nnew upstream MariaDB versions to fix the issue.\n\nMariaDB has been updated to 10.3.32 in Ubuntu 20.04 LTS and to 10.5.13 in\nUbuntu 21.04 and Ubuntu 21.10.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n","modified":"2026-04-27T18:51:25.255406Z","published":"2021-12-06T14:39:06Z","related":["UBUNTU-CVE-2021-35604"],"upstream":["CVE-2021-35604","UBUNTU-CVE-2021-35604"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5170-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-35604"}],"affected":[{"package":{"name":"mariadb-10.3","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/mariadb-10.3@1:10.3.32-0ubuntu0.20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:10.3.32-0ubuntu0.20.04.1"}]}],"versions":["1:10.3.17-1","1:10.3.18-1","1:10.3.19-1","1:10.3.21-2","1:10.3.22-1","1:10.3.22-1ubuntu1","1:10.3.25-0ubuntu0.20.04.1","1:10.3.29-0ubuntu0.20.04.1","1:10.3.30-0ubuntu0.20.04.1","1:10.3.31-0ubuntu0.20.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"libmariadb-dev-compat"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"libmariadb3"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"libmariadbd19"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-backup"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-client"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-client-10.3"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-client-core-10.3"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-common"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-plugin-connect"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-plugin-cracklib-password-check"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-plugin-gssapi-client"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-plugin-gssapi-server"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-plugin-mroonga"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-plugin-oqgraph"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-plugin-rocksdb"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-plugin-spider"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-plugin-tokudb"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-server"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-server-10.3"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-server-core-10.3"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-test"},{"binary_version":"1:10.3.32-0ubuntu0.20.04.1","binary_name":"mariadb-test-data"}]},"database_specific":{"cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2021-35604"}],"ecosystem":"Ubuntu:20.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5170-1.json"}}],"schema_version":"1.7.5"}