MGASA-2022-0035 - Updated mysql-connector-c++ packages fix security vulnerability
Publication date: 25 Jan 2022
URL: https://advisories.mageia.org/MGASA-2022-0035.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-3711,
CVE-2021-3712
Buffer overflow due to inccorect calculation in EVP_PKEY_decrypt.
(CVE-2021-3711)
Denial of Service attack due to possible non-zero terminated strings.
(CVE-2021-3712)
References:
- https://bugs.mageia.org/show_bug.cgi?id=29923
- https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
SRPMS:
- 8/core/mysql-connector-c++-8.0.28-1.mga8
Mageia 2022-0035: mysql-connector-c++ security update
Buffer overflow due to inccorect calculation in EVP_PKEY_decrypt
Summary
Buffer overflow due to inccorect calculation in EVP_PKEY_decrypt.
(CVE-2021-3711)
Denial of Service attack due to possible non-zero terminated strings.
(CVE-2021-3712)
References
- https://bugs.mageia.org/show_bug.cgi?id=29923
- https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
Resolution
MGASA-2022-0035 - Updated mysql-connector-c++ packages fix security vulnerability
SRPMS
- 8/core/mysql-connector-c++-8.0.28-1.mga8
Severity
Publication date: 25 Jan 2022
URL: https://advisories.mageia.org/MGASA-2022-0035.html
Type: security
CVE: CVE-2021-3711,
CVE-2021-3712
News
HOWTOs
Features
What You Need to Know about the Sysrv-K Cryptomining Botnet in Less than a Minute
Strengthen Your Linux Endpoint Security & Zero Trust Strategy with Defense-in-Depth & Endpoint Encryption
Call for Contributors with Knowledge of Linux Firewalls!
How To Create a Transparent Proxy through the Tor Network to Protect Your Privacy Online with archtorify & kalitorify
You are Tracked Online - Why? And How To Avoid Being Tracked Online
About Us
Powered By
