SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3275

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3275

Security update for mariadb

Type: security

Severity: moderate

Issued: 2025-09-19

Description:

This update for mariadb fixes the following issues:

Update to version 10.11.14.

Security issues fixed:

- CVE-2025-30693: InnoDB issue allows high privileged attacker with network access to gain unauthorized update, insert
  or delete access to data and cause repeatable crash in MySQL server (bsc#1249213).
- CVE-2025-30722: mysqldump issue allows low privileged attacker with network access to gain unauthorized update,
  insert or delete access to data in MySQL Client (bsc#1249212).
- CVE-2023-52969: crash with empty backtrace log in MariaDB Server (bsc#1239150).
- CVE-2023-52970: crash in MariaDB Server when inserting from derived table containing insert target table
  (bsc#1239151).
- CVE-2023-52971: crash in the optimizer of MariaDB Server when processing certain queries with subqueries
  (bsc#1249219).

Release notes and changelog:
  
- https://mariadb.com/docs/release-notes/community-server/mariadb-10-11-series/mariadb-10.11.14-release-notes
- https://mariadb.com/docs/release-notes/community-server/changelogs/changelogs-mariadb-10-11-series/mariadb-10.11.14-changelog
- https://mariadb.com/kb/en/mariadb-10-11-13-release-notes/
- https://mariadb.com/kb/en/mariadb-10-11-13-changelog/
- https://mariadb.com/kb/en/mariadb-10-11-12-release-notes/
- https://mariadb.com/kb/en/mariadb-10-11-12-changelog/

References

Packages

mariadb-10.11.14-150600.4.14.1