Oval Definition:oval:com.redhat.rhsa:def:20205503
Revision Date:2020-12-15Version:635
Title:RHSA-2020:5503: mariadb-connector-c security, bug fix, and enhancement update (Moderate)
Description:The MariaDB Native Client library (C driver) is used to connect applications developed in C/C++ to MariaDB and MySQL databases.

  • The following packages have been upgraded to a later upstream version: mariadb-connector-c (3.1.11). (BZ#1898993)

    Security Fix(es):

  • mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2752)

  • mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2922)

  • mariadb-connector-c: Improper validation of content in a OK packet received from server (CVE-2020-13249)

  • mysql: C API unspecified vulnerability (CPU Jan 2020) (CVE-2020-2574)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

  • Code utilizing plugins can't be compiled properly (BZ#1899001)

  • Add "zlib-devel" requirement in "-devel" subpackage (BZ#1899005)

  • Replace hard-coded /usr with %{_prefix} (BZ#1899099)
    • Family:unixClass:patch
    Status:Reference(s):CVE-2020-13249
    CVE-2020-2574
    CVE-2020-2752
    CVE-2020-2922
    CVE-2021-2007
    RHSA-2020:5503
    Platform(s):Red Hat Enterprise Linux 8
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 8 is installed
  • OR Red Hat CoreOS 4 is installed
  • AND
  • mariadb-connector-c is earlier than 0:3.1.11-2.el8_3
  • AND mariadb-connector-c is signed with Red Hat redhatrelease2 key
  • mariadb-connector-c-config is earlier than 0:3.1.11-2.el8_3
  • AND mariadb-connector-c-config is signed with Red Hat redhatrelease2 key
  • mariadb-connector-c-devel is earlier than 0:3.1.11-2.el8_3
  • AND mariadb-connector-c-devel is signed with Red Hat redhatrelease2 key
    • BACK