{"id":"MGASA-2019-0147","summary":"Updated mariadb packages fix security vulnerability","details":"Vulnerability in the MariaDB Server component of MariaDB (subcomponent: Server:\nOptimizer). Easily exploitable vulnerability allows low privileged attacker\nwith network access via multiple protocols to compromise MariaDB Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MariaDB Server\n(CVE-2019-2529).\n\nVulnerability in the MariaDB Server component of MariaDB (subcomponent: Server:\nDDL). Easily exploitable vulnerability allows high privileged attacker with\nnetwork access via multiple protocols to compromise MariaDB Server. Successful\nattacks of this vulnerability can result in unauthorized ability to cause a\nhang or frequently repeatable crash (complete DOS) of MariaDB Server\n(CVE-2019-2537).\n","modified":"2026-04-16T00:10:31.489801022Z","published":"2019-04-10T22:07:23Z","upstream":["CVE-2019-2529","CVE-2019-2537"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0147.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=24624"},{"type":"WEB","url":"https://mariadb.com/kb/en/library/mariadb-10138-release-notes/"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}],"affected":[{"package":{"name":"mariadb","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/mariadb?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.1.38-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0147.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}