1195334 – (CVE-2021-46658) VUL-1: CVE-2021-46658: mariadb,mariadb-100: save_window_function_values allows an application crash because of incorrect handling of with_window_func=true for a subquery.

Bug 1195334 (CVE-2021-46658) - VUL-1: CVE-2021-46658: mariadb,mariadb-100: save_window_function_values allows an application crash because of incorrect handling of with_window_func=true for a subquery.

Summary: VUL-1: CVE-2021-46658: mariadb,mariadb-100: save_window_function_values allow...

Status:	RESOLVED FIXED

Alias:	CVE-2021-46658

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Minor
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/322163/
Whiteboard:	CVSSv3.1:SUSE:CVE-2021-46658:3.7:(AV:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2022-01-31 10:53 UTC by Thomas Leroy
Modified:	2024-05-20 10:14 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Leroy 2022-01-31 10:53:00 UTC

CVE-2021-46658

save_window_function_values in MariaDB before 10.6.3 allows an application crash
because of incorrect handling of with_window_func=true for a subquery.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46658
http://www.cvedetails.com/cve/CVE-2021-46658/
https://jira.mariadb.org/browse/MDEV-25630

Comment 1 Thomas Leroy 2022-01-31 11:09:52 UTC

Just like bnc#1195325, I think the following codestreams are already fixed:
- SUSE:SLE-12-SP4:Update/mariadb
- SUSE:SLE-15:Update/mariadb	
- SUSE:SLE-15-SP2:Update/mariadb	
- SUSE:SLE-15-SP3:Update/mariadb	
- SUSE:SLE-15-SP4:Update/mariadb

However I think SUSE:SLE-12-SP3:Update:Products:Cloud8:Update is affected. And I am not sure about SUSE:SLE-12-SP1:Update/mariadb and SUSE:SLE-12-SP4:Update/mariadb-100, I am trying to figure out if v10.0.x are affected.

Comment 2 Danilo Spinella 2022-01-31 13:16:57 UTC

I think SUSE:SLE-12-SP1:Update/mariadb is not maintained anymore.

Comment 8 Swamp Workflow Management 2022-03-04 14:24:47 UTC

SUSE-SU-2022:0725-1: An update that fixes 12 vulnerabilities is now available.

Category: security (important)
Bug References: 1195325,1195334,1195339,1196016
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    mariadb-10.2.43-3.51.1
SUSE Linux Enterprise Server for SAP 15 (src):    mariadb-10.2.43-3.51.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    mariadb-10.2.43-3.51.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    mariadb-10.2.43-3.51.1
SUSE Linux Enterprise Server 15-LTSS (src):    mariadb-10.2.43-3.51.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    mariadb-10.2.43-3.51.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    mariadb-10.2.43-3.51.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    mariadb-10.2.43-3.51.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    mariadb-10.2.43-3.51.1
SUSE Enterprise Storage 6 (src):    mariadb-10.2.43-3.51.1
SUSE CaaS Platform 4.0 (src):    mariadb-10.2.43-3.51.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 9 Swamp Workflow Management 2022-03-04 14:38:46 UTC

SUSE-SU-2022:0726-1: An update that fixes 12 vulnerabilities is now available.

Category: security (important)
Bug References: 1195325,1195334,1195339,1196016
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    mariadb-10.4.24-3.25.1
SUSE Manager Retail Branch Server 4.1 (src):    mariadb-10.4.24-3.25.1
SUSE Manager Proxy 4.1 (src):    mariadb-10.4.24-3.25.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    mariadb-10.4.24-3.25.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    mariadb-10.4.24-3.25.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    mariadb-10.4.24-3.25.1
SUSE Linux Enterprise Realtime Extension 15-SP2 (src):    mariadb-10.4.24-3.25.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    mariadb-10.4.24-3.25.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    mariadb-10.4.24-3.25.1
SUSE Enterprise Storage 7 (src):    mariadb-10.4.24-3.25.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 10 Swamp Workflow Management 2022-03-04 14:39:38 UTC

openSUSE-SU-2022:0726-1: An update that fixes 12 vulnerabilities is now available.

Category: security (important)
Bug References: 1195325,1195334,1195339,1196016
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    mariadb-10.4.24-3.25.1

Comment 11 Swamp Workflow Management 2022-03-04 14:40:31 UTC

openSUSE-SU-2022:0725-1: An update that fixes 12 vulnerabilities is now available.

Category: security (important)
Bug References: 1195325,1195334,1195339,1196016
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    mariadb-10.2.43-3.51.1

Comment 12 Swamp Workflow Management 2022-03-04 17:22:00 UTC

SUSE-SU-2022:0731-1: An update that fixes 12 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1195325,1195334,1195339,1196016
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052
JIRA References: SLE-22245
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP3 (src):    mariadb-10.5.15-150300.3.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 13 Swamp Workflow Management 2022-03-04 17:25:03 UTC

openSUSE-SU-2022:0731-1: An update that fixes 12 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1195325,1195334,1195339,1196016
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052
JIRA References: SLE-22245
Sources used:
openSUSE Leap 15.3 (src):    mariadb-10.5.15-150300.3.15.1

Comment 14 Swamp Workflow Management 2022-03-09 17:20:06 UTC

SUSE-SU-2022:0782-1: An update that fixes 12 vulnerabilities is now available.

Category: security (important)
Bug References: 1195325,1195334,1195339,1196016
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    mariadb-10.2.43-3.47.1
SUSE OpenStack Cloud 9 (src):    mariadb-10.2.43-3.47.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    mariadb-10.2.43-3.47.1
SUSE Linux Enterprise Server 12-SP5 (src):    mariadb-10.2.43-3.47.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    mariadb-10.2.43-3.47.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 17 Swamp Workflow Management 2022-04-29 13:19:54 UTC

SUSE-SU-2022:0731-2: An update that fixes 12 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1195325,1195334,1195339,1196016
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052
JIRA References: SLE-22245
Sources used:
openSUSE Leap 15.4 (src):    mariadb-10.5.15-150300.3.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 18 Swamp Workflow Management 2022-07-27 16:19:06 UTC

SUSE-SU-2022:2561-1: An update that fixes 36 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1195076,1195325,1195334,1195339,1196016,1198603,1198604,1198605,1198606,1198607,1198609,1198610,1198611,1198612,1198613,1198628,1198629,1198630,1198631,1198632,1198633,1198634,1198635,1198636,1198637,1198638,1198639,1198640,1199928
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2021-46669,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052,CVE-2022-27376,CVE-2022-27377,CVE-2022-27378,CVE-2022-27379,CVE-2022-27380,CVE-2022-27381,CVE-2022-27382,CVE-2022-27383,CVE-2022-27384,CVE-2022-27386,CVE-2022-27387,CVE-2022-27444,CVE-2022-27445,CVE-2022-27446,CVE-2022-27447,CVE-2022-27448,CVE-2022-27449,CVE-2022-27451,CVE-2022-27452,CVE-2022-27455,CVE-2022-27456,CVE-2022-27457,CVE-2022-27458
JIRA References: SLE-22245
Sources used:
openSUSE Leap 15.4 (src):    mariadb-10.6.8-150400.3.7.1
SUSE Linux Enterprise Module for Server Applications 15-SP4 (src):    mariadb-10.6.8-150400.3.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Maintenance Automation 2023-10-04 08:33:09 UTC

SUSE-RU-2023:3956-1: An update that solves 221 vulnerabilities and contains three features can now be installed.

Category: recommended (moderate)
Bug References: 1001367, 1005555, 1005558, 1005562, 1005564, 1005566, 1005569, 1005581, 1005582, 1006539, 1008253, 1012075, 1013882, 1019948, 1020873, 1020875, 1020877, 1020878, 1020882, 1020884, 1020885, 1020890, 1020891, 1020894, 1020896, 1020976, 1022428, 1038740, 1039034, 1041525, 1041891, 1042632, 1043328, 1047218, 1055165, 1055268, 1058374, 1058729, 1060110, 1062583, 1067443, 1068906, 1069401, 1080891, 1083087, 1088681, 1092544, 1098683, 1101676, 1101677, 1101678, 1103342, 1111858, 1111859, 1112368, 1112377, 1112384, 1112386, 1112391, 1112397, 1112404, 1112415, 1112417, 1112421, 1112432, 1112767, 1116686, 1118754, 1120041, 1122198, 1122475, 1127027, 1132666, 1136035, 1142909, 1143215, 1144314, 1156669, 1160285, 1160868, 1160878, 1160883, 1160895, 1160912, 1166781, 1168380, 1170204, 1173028, 1173516, 1174559, 1175596, 1177472, 1178428, 1180014, 1182218, 1182255, 1182739, 1183770, 1185870, 1185872, 1186031, 1189320, 1192497, 1195325, 1195334, 1195339, 1196016, 1197459, 1198603, 1198604, 1198605, 1198606, 1198607, 1198609, 1198610, 1198611, 1198612, 1198613, 1198628, 1198629, 1198630, 1198631, 1198632, 1198633, 1198634, 1198635, 1198636, 1198637, 1198638, 1198639, 1198640, 1199928, 1200105, 1201161, 1201163, 1201164, 1201165, 1201166, 1201167, 1201168, 1201169, 1201170, 1202863, 332530, 353120, 357634, 359522, 366820, 371000, 387746, 420313, 425079, 427384, 429618, 435519, 437293, 463586, 520876, 525065, 525325, 539243, 539249, 557669, 635645, 747811, 763150, 779476, 789263, 792444, 796164, 829430, 841709, 859345, 889126, 894479, 902396, 914370, 921955, 934789, 937754, 937767, 937787, 942908, 943096, 957174, 963810, 971456, 979524, 983938, 984858, 986251, 989913, 989919, 989922, 989926, 990890, 998309
CVE References: CVE-2006-0903, CVE-2006-4226, CVE-2006-4227, CVE-2007-5969, CVE-2007-5970, CVE-2007-6303, CVE-2007-6304, CVE-2008-2079, CVE-2008-7247, CVE-2009-4019, CVE-2009-4028, CVE-2009-4030, CVE-2012-4414, CVE-2012-5611, CVE-2012-5612, CVE-2012-5615, CVE-2012-5627, CVE-2013-1976, CVE-2015-4792, CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4864, CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4895, CVE-2015-4913, CVE-2015-5969, CVE-2015-7744, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0610, CVE-2016-0616, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0644, CVE-2016-0646, CVE-2016-0649, CVE-2016-0650, CVE-2016-0651, CVE-2016-0668, CVE-2016-2047, CVE-2016-3477, CVE-2016-3492, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440, CVE-2016-5584, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-6662, CVE-2016-6663, CVE-2016-6664, CVE-2016-7440, CVE-2016-8283, CVE-2016-9843, CVE-2017-10268, CVE-2017-10286, CVE-2017-10320, CVE-2017-10365, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384, CVE-2017-15365, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3302, CVE-2017-3308, CVE-2017-3309, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464, CVE-2017-3636, CVE-2017-3641, CVE-2017-3653, CVE-2018-25032, CVE-2018-2562, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668, CVE-2018-2755, CVE-2018-2759, CVE-2018-2761, CVE-2018-2766, CVE-2018-2767, CVE-2018-2771, CVE-2018-2777, CVE-2018-2781, CVE-2018-2782, CVE-2018-2784, CVE-2018-2786, CVE-2018-2787, CVE-2018-2810, CVE-2018-2813, CVE-2018-2817, CVE-2018-2819, CVE-2018-3058, CVE-2018-3060, CVE-2018-3063, CVE-2018-3064, CVE-2018-3066, CVE-2018-3143, CVE-2018-3156, CVE-2018-3162, CVE-2018-3173, CVE-2018-3174, CVE-2018-3185, CVE-2018-3200, CVE-2018-3251, CVE-2018-3277, CVE-2018-3282, CVE-2018-3284, CVE-2019-18901, CVE-2019-2510, CVE-2019-2537, CVE-2019-2614, CVE-2019-2627, CVE-2019-2628, CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2938, CVE-2019-2974, CVE-2020-13249, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789, CVE-2020-14812, CVE-2020-15180, CVE-2020-2574, CVE-2020-2752, CVE-2020-2760, CVE-2020-2812, CVE-2020-2814, CVE-2020-7221, CVE-2021-2154, CVE-2021-2166, CVE-2021-2372, CVE-2021-2389, CVE-2021-27928, CVE-2021-35604, CVE-2021-46657, CVE-2021-46658, CVE-2021-46659, CVE-2021-46661, CVE-2021-46663, CVE-2021-46664, CVE-2021-46665, CVE-2021-46668, CVE-2021-46669, CVE-2022-21427, CVE-2022-21595, CVE-2022-24048, CVE-2022-24050, CVE-2022-24051, CVE-2022-24052, CVE-2022-27376, CVE-2022-27377, CVE-2022-27378, CVE-2022-27379, CVE-2022-27380, CVE-2022-27381, CVE-2022-27382, CVE-2022-27383, CVE-2022-27384, CVE-2022-27386, CVE-2022-27387, CVE-2022-27444, CVE-2022-27445, CVE-2022-27446, CVE-2022-27447, CVE-2022-27448, CVE-2022-27449, CVE-2022-27451, CVE-2022-27452, CVE-2022-27455, CVE-2022-27456, CVE-2022-27457, CVE-2022-27458, CVE-2022-32081, CVE-2022-32083, CVE-2022-32084, CVE-2022-32085, CVE-2022-32086, CVE-2022-32087, CVE-2022-32088, CVE-2022-32089, CVE-2022-32091, CVE-2022-38791, CVE-2022-47015
Jira References: PED-2455, SLE-12253, SLE-8269
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): mariadb104-10.4.30-150100.3.5.10, python-mysqlclient-1.4.6-150100.3.3.7
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): mariadb104-10.4.30-150100.3.5.10, python-mysqlclient-1.4.6-150100.3.3.7
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): mariadb104-10.4.30-150100.3.5.10, python-mysqlclient-1.4.6-150100.3.3.7
SUSE CaaS Platform 4.0 (src): mariadb104-10.4.30-150100.3.5.10, python-mysqlclient-1.4.6-150100.3.3.7

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 25 Maintenance Automation 2023-12-29 12:30:20 UTC

SUSE-RU-2023:4991-1: An update that solves 221 vulnerabilities and contains three features can now be installed.

Category: recommended (moderate)
Bug References: 1001367, 1005555, 1005558, 1005562, 1005564, 1005566, 1005569, 1005581, 1005582, 1006539, 1008253, 1012075, 1013882, 1019948, 1020873, 1020875, 1020877, 1020878, 1020882, 1020884, 1020885, 1020890, 1020891, 1020894, 1020896, 1020976, 1022428, 1038740, 1039034, 1041525, 1041891, 1042632, 1043328, 1047218, 1055165, 1055268, 1058374, 1058729, 1060110, 1062583, 1067443, 1068906, 1069401, 1080891, 1083087, 1088681, 1092544, 1098683, 1101676, 1101677, 1101678, 1103342, 1111858, 1111859, 1112368, 1112377, 1112384, 1112386, 1112391, 1112397, 1112404, 1112415, 1112417, 1112421, 1112432, 1112767, 1116686, 1118754, 1120041, 1122198, 1122475, 1127027, 1132666, 1136035, 1142909, 1143215, 1144314, 1156669, 1160285, 1160868, 1160878, 1160883, 1160895, 1160912, 1166781, 1168380, 1170204, 1173028, 1173516, 1174559, 1175596, 1177472, 1178428, 1180014, 1182218, 1182255, 1182739, 1183770, 1185870, 1185872, 1186031, 1189320, 1192497, 1195325, 1195334, 1195339, 1196016, 1197459, 1198603, 1198604, 1198605, 1198606, 1198607, 1198609, 1198610, 1198611, 1198612, 1198613, 1198628, 1198629, 1198630, 1198631, 1198632, 1198633, 1198634, 1198635, 1198636, 1198637, 1198638, 1198639, 1198640, 1199928, 1200105, 1201161, 1201163, 1201164, 1201165, 1201166, 1201167, 1201168, 1201169, 1201170, 1202863, 332530, 353120, 357634, 359522, 366820, 371000, 387746, 420313, 425079, 427384, 429618, 435519, 437293, 463586, 520876, 525065, 525325, 539243, 539249, 557669, 635645, 747811, 763150, 779476, 789263, 792444, 796164, 829430, 841709, 859345, 889126, 894479, 902396, 914370, 921955, 934789, 937754, 937767, 937787, 942908, 943096, 957174, 963810, 971456, 979524, 983938, 984858, 986251, 989913, 989919, 989922, 989926, 990890, 998309
CVE References: CVE-2006-0903, CVE-2006-4226, CVE-2006-4227, CVE-2007-5969, CVE-2007-5970, CVE-2007-6303, CVE-2007-6304, CVE-2008-2079, CVE-2008-7247, CVE-2009-4019, CVE-2009-4028, CVE-2009-4030, CVE-2012-4414, CVE-2012-5611, CVE-2012-5612, CVE-2012-5615, CVE-2012-5627, CVE-2013-1976, CVE-2015-4792, CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4864, CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4895, CVE-2015-4913, CVE-2015-5969, CVE-2015-7744, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0610, CVE-2016-0616, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0644, CVE-2016-0646, CVE-2016-0649, CVE-2016-0650, CVE-2016-0651, CVE-2016-0668, CVE-2016-2047, CVE-2016-3477, CVE-2016-3492, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440, CVE-2016-5584, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-6662, CVE-2016-6663, CVE-2016-6664, CVE-2016-7440, CVE-2016-8283, CVE-2016-9843, CVE-2017-10268, CVE-2017-10286, CVE-2017-10320, CVE-2017-10365, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384, CVE-2017-15365, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3302, CVE-2017-3308, CVE-2017-3309, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464, CVE-2017-3636, CVE-2017-3641, CVE-2017-3653, CVE-2018-25032, CVE-2018-2562, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668, CVE-2018-2755, CVE-2018-2759, CVE-2018-2761, CVE-2018-2766, CVE-2018-2767, CVE-2018-2771, CVE-2018-2777, CVE-2018-2781, CVE-2018-2782, CVE-2018-2784, CVE-2018-2786, CVE-2018-2787, CVE-2018-2810, CVE-2018-2813, CVE-2018-2817, CVE-2018-2819, CVE-2018-3058, CVE-2018-3060, CVE-2018-3063, CVE-2018-3064, CVE-2018-3066, CVE-2018-3143, CVE-2018-3156, CVE-2018-3162, CVE-2018-3173, CVE-2018-3174, CVE-2018-3185, CVE-2018-3200, CVE-2018-3251, CVE-2018-3277, CVE-2018-3282, CVE-2018-3284, CVE-2019-18901, CVE-2019-2510, CVE-2019-2537, CVE-2019-2614, CVE-2019-2627, CVE-2019-2628, CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2938, CVE-2019-2974, CVE-2020-13249, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789, CVE-2020-14812, CVE-2020-15180, CVE-2020-2574, CVE-2020-2752, CVE-2020-2760, CVE-2020-2812, CVE-2020-2814, CVE-2020-7221, CVE-2021-2154, CVE-2021-2166, CVE-2021-2372, CVE-2021-2389, CVE-2021-27928, CVE-2021-35604, CVE-2021-46657, CVE-2021-46658, CVE-2021-46659, CVE-2021-46661, CVE-2021-46663, CVE-2021-46664, CVE-2021-46665, CVE-2021-46668, CVE-2021-46669, CVE-2022-21427, CVE-2022-21595, CVE-2022-24048, CVE-2022-24050, CVE-2022-24051, CVE-2022-24052, CVE-2022-27376, CVE-2022-27377, CVE-2022-27378, CVE-2022-27379, CVE-2022-27380, CVE-2022-27381, CVE-2022-27382, CVE-2022-27383, CVE-2022-27384, CVE-2022-27386, CVE-2022-27387, CVE-2022-27444, CVE-2022-27445, CVE-2022-27446, CVE-2022-27447, CVE-2022-27448, CVE-2022-27449, CVE-2022-27451, CVE-2022-27452, CVE-2022-27455, CVE-2022-27456, CVE-2022-27457, CVE-2022-27458, CVE-2022-32081, CVE-2022-32083, CVE-2022-32084, CVE-2022-32085, CVE-2022-32086, CVE-2022-32087, CVE-2022-32088, CVE-2022-32089, CVE-2022-32091, CVE-2022-38791, CVE-2022-47015
Jira References: PED-2455, SLE-12253, SLE-8269
Sources used:
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): mariadb-connector-c-3.1.22-2.35.1, lz4-1.8.0-3.5.2, python-mysqlclient-1.3.14-8.9.2, mariadb104-10.4.30-8.5.46
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): mariadb-connector-c-3.1.22-2.35.1, lz4-1.8.0-3.5.2, python-mysqlclient-1.3.14-8.9.2, mariadb104-10.4.30-8.5.46
SUSE Linux Enterprise Server 12 SP5 (src): mariadb-connector-c-3.1.22-2.35.1, lz4-1.8.0-3.5.2, python-mysqlclient-1.3.14-8.9.2, mariadb104-10.4.30-8.5.46
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): mariadb-connector-c-3.1.22-2.35.1, lz4-1.8.0-3.5.2, python-mysqlclient-1.3.14-8.9.2, mariadb104-10.4.30-8.5.46

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 26 Andrea Mattiazzo 2024-05-20 10:14:15 UTC

All done, closing.