SUSE Package Hub - openSUSE-2022-10212

Update Info

openSUSE-2022-10212

Security update for xtrabackup

Type: security

Severity: moderate

Issued: 2022-11-23

Description:

This update for xtrabackup fixes the following issues:

Update xtrabackup to version 2.4.26:

- CVE-2020-10997: Information exposure via cmd line output and table history (boo#1170644)
- CVE-2020-29488: Changes in how absolute paths are handled (boo#1205581)

References

CVE: CVE-2020-29488
CVE: CVE-2020-10997
Bugzilla: 1205581 VUL-0: CVE-2020-29488: xtrabackup: Changes in How Absolute Paths are Handled in Percona XtraBackup xbstream
Bugzilla: 1170644 VUL-1: CVE-2020-10997: xtrabackup: information exposure via cmd line output and table history
Bugzilla: 1135095 LTO: xtrabackup build fails
Bugzilla: 1125418 GCC 9: xtrabackup build fails

Packages

xtrabackup-2.4.26-bp154.2.3.1