Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-38746

Vulnerability fixes for CVE-2024-12087 and CVE-2025-68973

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Not a Bug
    • 11.4.7, 11.4.9
    • N/A
    • Docker
    • None
    • Not for Release Notes

    Description

      Current version of 11.4.7 and 11.4.9 docker images from Mariadb.org has one or both of these vulnerabilities :

      1. CVE-2024-12087 (Both 11.4.7 and 11.4.9)

      It requires update rsync library to version 3.4.0 or later.

      2. CVE-2025-68973 (only 11.4.7)
      It requires update gnupg2 to gnupg2-2.3.3-5 or later

      Could this be looked into with priority ?

      Attachments

        Activity

          People

            danblack Daniel Black
            Sahai Har Gagan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0d
                0d
                Logged:
                Time Spent - 0.75h
                0.75h

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.