git: 7583b9a0d9d0 - main - security/vuxml: Mark MariaDB vulnerable
Bernard Spil
brnrd at FreeBSD.org
Wed Aug 4 08:11:06 UTC 2021
The branch main has been updated by brnrd:
URL: https://cgit.FreeBSD.org/ports/commit/?id=7583b9a0d9d0445f225d5f511fdd3f83db0e6f51
commit 7583b9a0d9d0445f225d5f511fdd3f83db0e6f51
Author: Bernard Spil <brnrd at FreeBSD.org>
AuthorDate: 2021-08-04 08:10:56 +0000
Commit: Bernard Spil <brnrd at FreeBSD.org>
CommitDate: 2021-08-04 08:10:56 +0000
security/vuxml: Mark MariaDB vulnerable
---
security/vuxml/vuln-2021.xml | 52 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 52 insertions(+)
diff --git a/security/vuxml/vuln-2021.xml b/security/vuxml/vuln-2021.xml
index b4a482f88b4c..bad459317b22 100644
--- a/security/vuxml/vuln-2021.xml
+++ b/security/vuxml/vuln-2021.xml
@@ -636,6 +636,18 @@ In limited circumstances it was possible for users to authenticate using variati
<name>mysql80-server</name>
<range><lt>8.0.26</lt></range>
</package>
+ <package>
+ <name>mariadb103-server</name>
+ <range><lt>10.3.31</lt></range>
+ </package>
+ <package>
+ <name>mariadb104-server</name>
+ <range><lt>10.4.21</lt></range>
+ </package>
+ <package>
+ <name>mariadb105-server</name>
+ <range><lt>10.5.12</lt></range>
+ </package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
@@ -647,15 +659,55 @@ In limited circumstances it was possible for users to authenticate using variati
requiring user credentials.<br/>
The highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle
MySQL is 8.8.</p>
+ <p>MariaDB is affected by CVE-2021-2372 and CVE-2021-2389 only.</p>
</blockquote>
</body>
</description>
<references>
<url>https://www.oracle.com/security-alerts/cpujul2021.html</url>
+ <cvename>CVE-2019-17543</cvename>
+ <cvename>CVE-2021-2339</cvename>
+ <cvename>CVE-2021-2340</cvename>
+ <cvename>CVE-2021-2342</cvename>
+ <cvename>CVE-2021-2352</cvename>
+ <cvename>CVE-2021-2354</cvename>
+ <cvename>CVE-2021-2356</cvename>
+ <cvename>CVE-2021-2357</cvename>
+ <cvename>CVE-2021-2367</cvename>
+ <cvename>CVE-2021-2370</cvename>
+ <cvename>CVE-2021-2372</cvename>
+ <cvename>CVE-2021-2374</cvename>
+ <cvename>CVE-2021-2383</cvename>
+ <cvename>CVE-2021-2384</cvename>
+ <cvename>CVE-2021-2385</cvename>
+ <cvename>CVE-2021-2387</cvename>
+ <cvename>CVE-2021-2389</cvename>
+ <cvename>CVE-2021-2390</cvename>
+ <cvename>CVE-2021-2399</cvename>
+ <cvename>CVE-2021-2402</cvename>
+ <cvename>CVE-2021-2410</cvename>
+ <cvename>CVE-2021-2411</cvename>
+ <cvename>CVE-2021-2412</cvename>
+ <cvename>CVE-2021-2417</cvename>
+ <cvename>CVE-2021-2418</cvename>
+ <cvename>CVE-2021-2422</cvename>
+ <cvename>CVE-2021-2424</cvename>
+ <cvename>CVE-2021-2425</cvename>
+ <cvename>CVE-2021-2426</cvename>
+ <cvename>CVE-2021-2427</cvename>
+ <cvename>CVE-2021-2429</cvename>
+ <cvename>CVE-2021-2437</cvename>
+ <cvename>CVE-2021-2440</cvename>
+ <cvename>CVE-2021-2441</cvename>
+ <cvename>CVE-2021-2444</cvename>
+ <cvename>CVE-2021-3450</cvename>
+ <cvename>CVE-2021-22884</cvename>
+ <cvename>CVE-2021-22901</cvename>
</references>
<dates>
<discovery>2021-07-20</discovery>
<entry>2021-07-20</entry>
+ <modified>2021-08-04</modified>
</dates>
</vuln>
More information about the dev-commits-ports-main
mailing list