SUSE-CU-2025:7009-1: Security update of suse/mariadb

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Mon Sep 22 15:39:22 UTC 2025 

SUSE Container Update Advisory: suse/mariadb
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:7009-1
Container Tags        : suse/mariadb:10.11 , suse/mariadb:10.11.14 , suse/mariadb:10.11.14-71.4
Container Release     : 71.4
Severity              : moderate
Type                  : security
References            : 1239150 1239151 1249212 1249213 1249219 CVE-2023-52969 CVE-2023-52970
                        CVE-2023-52971 CVE-2025-30693 CVE-2025-30722 
-----------------------------------------------------------------

The container suse/mariadb was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3275-1
Released:    Fri Sep 19 14:16:06 2025
Summary:     Security update for mariadb
Type:        security
Severity:    moderate
References:  1239150,1239151,1249212,1249213,1249219,CVE-2023-52969,CVE-2023-52970,CVE-2023-52971,CVE-2025-30693,CVE-2025-30722
This update for mariadb fixes the following issues:

Update to version 10.11.14.

Security issues fixed:

- CVE-2025-30693: InnoDB issue allows high privileged attacker with network access to gain unauthorized update, insert
  or delete access to data and cause repeatable crash in MySQL server (bsc#1249213).
- CVE-2025-30722: mysqldump issue allows low privileged attacker with network access to gain unauthorized update,
  insert or delete access to data in MySQL Client (bsc#1249212).
- CVE-2023-52969: crash with empty backtrace log in MariaDB Server (bsc#1239150).
- CVE-2023-52970: crash in MariaDB Server when inserting from derived table containing insert target table
  (bsc#1239151).
- CVE-2023-52971: crash in the optimizer of MariaDB Server when processing certain queries with subqueries
  (bsc#1249219).

Release notes and changelog:
  
- https://mariadb.com/docs/release-notes/community-server/mariadb-10-11-series/mariadb-10.11.14-release-notes
- https://mariadb.com/docs/release-notes/community-server/changelogs/changelogs-mariadb-10-11-series/mariadb-10.11.14-changelog
- https://mariadb.com/kb/en/mariadb-10-11-13-release-notes/
- https://mariadb.com/kb/en/mariadb-10-11-13-changelog/
- https://mariadb.com/kb/en/mariadb-10-11-12-release-notes/
- https://mariadb.com/kb/en/mariadb-10-11-12-changelog/


The following package changes have been done:

- mariadb-errormessages-10.11.14-150600.4.14.1 updated
- mariadb-tools-10.11.14-150600.4.14.1 updated
- mariadb-client-10.11.14-150600.4.14.1 updated
- mariadb-10.11.14-150600.4.14.1 updated
- container:suse-sle15-15.6-e3235826fda424ffcadb5c16b55bcdffc50fd00aa3bfe3d0e13a1b34be967169-0 updated

More information about the sle-container-updates mailing list