MGASA-2021-0057 - Updated db53 packages fix a security vulnerability

Publication date: 29 Jan 2021
URL: https://advisories.mageia.org/MGASA-2021-0057.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-2708

Vulnerability in the Data Store component of Oracle Berkeley DB. Easily
exploitable vulnerability allows low privileged attacker having Local Logon
privilege with logon to the infrastructure where Data Store executes to
compromise Data Store. Successful attacks of this vulnerability can result in
unauthorized ability to cause a partial denial of service (partial DOS) of Data
Store (CVE-2019-2708).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27960
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/OQFKX6NKU2DCW5CTCHQSOJJDFVRVTPO6/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2708

SRPMS:
- 7/core/db53-5.3.28-17.1.mga7