MGASA-2022-0035 - Updated mysql-connector-c++ packages fix security vulnerability

Publication date: 25 Jan 2022
URL: https://advisories.mageia.org/MGASA-2022-0035.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-3711,
     CVE-2021-3712

Buffer overflow due to inccorect calculation in EVP_PKEY_decrypt.
(CVE-2021-3711)
Denial of Service attack due to possible non-zero terminated strings.
(CVE-2021-3712)

References:
- https://bugs.mageia.org/show_bug.cgi?id=29923
- https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712

SRPMS:
- 8/core/mysql-connector-c++-8.0.28-1.mga8