MGASA-2020-0404 - Updated mariadb packages fix security vulnerabilities

Publication date: 08 Nov 2020
URL: https://advisories.mageia.org/MGASA-2020-0404.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-14765,
     CVE-2020-14776,
     CVE-2020-14789,
     CVE-2020-14812

The latest release of mariadb fixes some undisclosed easily exploitable 
vulnerabilities. (CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 and
CVE-2020-14812).

Additionally some bugs are fixed:
- Temporary tables can overwrite existing files (MDEV-23569)
- Crash on SELECT on a table with indexed virtual columns (MDEV-18366)
- Fixed a bug in the recovery of encrypted tables (MDEV-23456)
- Diskspace not reused for BLOB in data file (MDEV-23072)
- CREATE TEMPORARY TABLE .. LIKE (system versioned table) returns error if 
unique index is defined in the table (MDEV-23968)
- CREATE .. SELECT wrong result on join versioned table (MDEV-23799)

References:
- https://bugs.mageia.org/show_bug.cgi?id=27558
- https://mariadb.com/kb/en/mariadb-10326-release-notes/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14765
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14776
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14789
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14812

SRPMS:
- 7/core/mariadb-10.3.26-1.mga7