Mageia 2021-0057: db53 security update
Summary
Vulnerability in the Data Store component of Oracle Berkeley DB. Easily
exploitable vulnerability allows low privileged attacker having Local Logon
privilege with logon to the infrastructure where Data Store executes to
compromise Data Store. Successful attacks of this vulnerability can result in
unauthorized ability to cause a partial denial of service (partial DOS) of Data
Store (CVE-2019-2708).
References
- https://bugs.mageia.org/show_bug.cgi?id=27960
- https://www.oracle.com/security-alerts/cpuapr2019.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OQFKX6NKU2DCW5CTCHQSOJJDFVRVTPO6/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2708
Resolution
MGASA-2021-0057 - Updated db53 packages fix a security vulnerability
SRPMS
- 7/core/db53-5.3.28-17.1.mga7