You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa galera

Sigurnosni nedostaci programskog paketa galera

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2020-b995eb2973
2020-11-09 01:20:59.211407
——————————————————————————–

Name : galera
Product : Fedora 32
Version : 26.4.6
Release : 1.fc32
URL : https://protect2.fireeye.com/v1/url?k=21eb8ab0-7e7790ae-21ec177c-000babd90757-bcc56a54912fd7a8&q=1&e=6a2175e7-03c0-4208-9854-589043fe35a3&u=http%3A%2F%2Fgaleracluster.com%2F
Summary : Synchronous multi-master wsrep provider (replication engine)
Description :
Galera is a fast synchronous multi-master wsrep provider (replication engine)
for transactional databases and similar applications. For more information
about wsrep API see http://launchpad.net/wsrep. For a description of Galera
replication engine see https://protect2.fireeye.com/v1/url?k=89fce629-d660fc37-89fb7be5-000babd90757-ba3c31b3073f262d&q=1&e=6a2175e7-03c0-4208-9854-589043fe35a3&u=http%3A%2F%2Fwww.codership.com%2F.

——————————————————————————–
Update Information:

**MariaDB 10.4.16** **MariaDB Connector C/C++ 3.1.11** **Galera 26.4.6**
Release notes: https://mariadb.com/kb/en/mariadb-10416-release-notes/
https://mariadb.com/kb/en/mariadb-connector-c-3111-release-notes/
——————————————————————————–
ChangeLog:

* Wed Nov 4 2020 Michal Schorm <mschorm@redhat.com> – 26.4.6-1
– Rebase to 26.4.6
* Thu Sep 17 2020 Michal Schorm <mschorm@redhat.com> – 26.4.5-2
– Extend the workaround also to ELN
——————————————————————————–
References:

[ 1 ] Bug #1894079 – CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 mariadb: various flaws [fedora-32]
https://bugzilla.redhat.com/show_bug.cgi?id=1894079
[ 2 ] Bug #1894663 – mariadb-connector-c-3.1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1894663
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-b995eb2973’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=5c7b57ae-03e74db0-5c7cca62-000babd90757-6f1bc433dd977df0&q=1&e=6a2175e7-03c0-4208-9854-589043fe35a3&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2020-561eed63ef
2020-11-09 01:11:32.149590
——————————————————————————–

Name : galera
Product : Fedora 33
Version : 26.4.6
Release : 1.fc33
URL : https://protect2.fireeye.com/v1/url?k=96e87964-c974637a-96efe4a8-000babd90757-d96e9b453f2f97bb&q=1&e=9db1f65b-0601-4212-9c91-0d78349480d4&u=http%3A%2F%2Fgaleracluster.com%2F
Summary : Synchronous multi-master wsrep provider (replication engine)
Description :
Galera is a fast synchronous multi-master wsrep provider (replication engine)
for transactional databases and similar applications. For more information
about wsrep API see http://launchpad.net/wsrep. For a description of Galera
replication engine see https://protect2.fireeye.com/v1/url?k=e320913e-bcbc8b20-e3270cf2-000babd90757-6a59c3933a1e89c9&q=1&e=9db1f65b-0601-4212-9c91-0d78349480d4&u=http%3A%2F%2Fwww.codership.com%2F.

——————————————————————————–
Update Information:

**MariaDB 10.4.16** **MariaDB Connector C/C++ 3.1.11** **Galera 26.4.6**
Release notes: https://mariadb.com/kb/en/mariadb-10416-release-notes/
https://mariadb.com/kb/en/mariadb-connector-c-3111-release-notes/
——————————————————————————–
ChangeLog:

* Wed Nov 4 2020 Michal Schorm <mschorm@redhat.com> – 26.4.6-1
– Rebase to 26.4.6
* Thu Sep 17 2020 Michal Schorm <mschorm@redhat.com> – 26.4.5-2
– Extend the workaround also to ELN
——————————————————————————–
References:

[ 1 ] Bug #1894079 – CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 mariadb: various flaws [fedora-32]
https://bugzilla.redhat.com/show_bug.cgi?id=1894079
[ 2 ] Bug #1894663 – mariadb-connector-c-3.1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1894663
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-561eed63ef’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=6aa99cc7-353586d9-6aae010b-000babd90757-5c36faaaf5d71ded&q=1&e=9db1f65b-0601-4212-9c91-0d78349480d4&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorDona Seruga
Cert idNCERT-REF-2020-11-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa freetype

Otkriven je sigurnosni nedostatak u programskom paketu freetype za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja...

Close