From debbugs-submit-bounces@debbugs.gnu.org Fri Mar 19 06:25:46 2021 Received: (at submit) by debbugs.gnu.org; 19 Mar 2021 10:25:46 +0000 Received: from localhost ([127.0.0.1]:48871 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lNCKA-0004mC-FZ for submit@debbugs.gnu.org; Fri, 19 Mar 2021 06:25:46 -0400 Received: from lists.gnu.org ([209.51.188.17]:50662) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lNCK8-0004m5-In for submit@debbugs.gnu.org; Fri, 19 Mar 2021 06:25:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:50446) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lNCK7-0006hu-3x for bug-guix@gnu.org; Fri, 19 Mar 2021 06:25:44 -0400 Received: from mail.zaclys.net ([178.33.93.72]:34781) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lNCK4-000792-3T for bug-guix@gnu.org; Fri, 19 Mar 2021 06:25:42 -0400 Received: from guix-xps.local (lsl43-1_migr-78-195-19-20.fbx.proxad.net [78.195.19.20] (may be forged)) (authenticated bits=0) by mail.zaclys.net (8.14.7/8.14.7) with ESMTP id 12JAPZPw023317 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Fri, 19 Mar 2021 11:25:36 +0100 DMARC-Filter: OpenDMARC Filter v1.3.2 mail.zaclys.net 12JAPZPw023317 Authentication-Results: mail.zaclys.net; dmarc=fail (p=reject dis=none) header.from=zaclys.net Authentication-Results: mail.zaclys.net; spf=fail smtp.mailfrom=lle-bout@zaclys.net DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zaclys.net; s=default; t=1616149536; bh=1puOrrZCiHA8ILuIcfUwMaf9bq1QdKgqIlxQQejx6NY=; h=Subject:From:To:Date:From; b=mX5vzP0e61HvujFj+Nksb+9o1VHfMGQY93ggIkKs5ajMgo7Q5H786X0dZf4fC6UIg cltCEoGVKs+90YkO0jOYI6JZi2wijckltqLQCRSM9bz9q5eiN07gkKm6TescRpwD1n zhF5JIgqY/D3xTEPA9YmBZBcpSXf9fhCTefrni54= Message-ID: <7d6d60c61fc372f62125ef5a36bc22956db5907e.camel@zaclys.net> Subject: mariadb is vulnerable to CVE-2021-27928 (RCE) From: =?ISO-8859-1?Q?L=E9o?= Le Bouter To: bug-guix@gnu.org Date: Fri, 19 Mar 2021 11:25:31 +0100 Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-HV4jQBhGNbmjzWfMKcxr" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Received-SPF: pass client-ip=178.33.93.72; envelope-from=lle-bout@zaclys.net; helo=mail.zaclys.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) --=-HV4jQBhGNbmjzWfMKcxr Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable CVE-2021-27928 04:15 A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product. =46rom https://jira.mariadb.org/browse/MDEV-25179 it looks like 10.5.9 fixes it for us since we package 10.5.8 currently. However: $ ./pre-inst-env guix refresh -l mariadb Building the following 552 packages would ensure 1047 dependent packages are rebuilt: [..] Is it possible to graft mariadb you think? I am thinking this issue doesnt need updating of the "lib" output which is what's causing the high number of dependents AIUI. I am not sure we could actually update individual outputs right now though. Might be a good idea to split the packages for the future. L=C3=A9o --=-HV4jQBhGNbmjzWfMKcxr Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmBUfBsACgkQRaix6GvN EKZ48xAAg7TTA36nGY+2YV64wogSp0LpXk3kJwoRom9/LSnPuy0JZKo7Z7V8vJyN cYiwvTKjSLm01UqNvsJ4fmoz6+H/LdEfNvTI2INQKZmMjxnBpfmT1dEAa2nfeh+0 160bBxHofksBSuDddLEeeJD+GtUZYpIbm1dRr0KZvOwvqWML3v4HZGfxv/QO+aCL mdtqU9L15bMbbL3GzE4ok1+hevIuPiHTEPOmdlHpOp5EFPi0q+cWmvFc8m5Z+m94 FV9RjdMayV0Ho4rrw7JGHy0viZf5c8kiCArdGmBdUE1XMTNsdJa3DWzN3oPwjRS/ mMvPeSdhC//rxCoQLyRCADUBmOucgqZ6RotH3+SIw0jisQhvKt1hF0TvzQhOdNCX 1CAJoZ3QwsiQrUeui//Ka/lbywkhBwMtbPXxiEM8o/pSHjJcMKZzX+a7e473zbq2 amkvNsfaRDXuExdrG1JYM2p9i7zbpxLvn361ZUCwBIE4PR0sG5XgGHqTZwhp7xyf 0LTH2FHRGkqMQOUlimIETu8F8u3TLyTploojmuWsP2ZgmK99axb02b8mOBwnsDau pugfhYnq5KkcnVy95JEQZnVNiCqNZV6vm90R3U0wUIBzLZBO1me1Qc6P+3cKXPnS WxwqkUQnvc5V/RFUURTBsu9llwaIp0Kp4tmFLKmGx1fJCQQTq34= =Tbur -----END PGP SIGNATURE----- --=-HV4jQBhGNbmjzWfMKcxr--