Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-38746

Vulnerability fixes for CVE-2024-12087 and CVE-2025-68973

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Not a Bug
    • 11.4.7, 11.4.9
    • N/A
    • Docker
    • None
    • Not for Release Notes

    Description

      Current version of 11.4.7 and 11.4.9 docker images from Mariadb.org has one or both of these vulnerabilities :

      1. CVE-2024-12087 (Both 11.4.7 and 11.4.9)

      It requires update rsync library to version 3.4.0 or later.

      2. CVE-2025-68973 (only 11.4.7)
      It requires update gnupg2 to gnupg2-2.3.3-5 or later

      Could this be looked into with priority ?

      Attachments

        Activity

          People

            danblack Daniel Black
            Sahai Har Gagan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.