Track MariaDB as well for CVE-2020-2574

All MariaDB updates are actually very intransparent. Upstream apparently consider CVE-2020-2574 as well various other MariaDB versions (apparently but any other CVE from the Oracle CPU from January?) and fixed in 5.5.67, 10.1.44, 10.2.31, 10.3.22 and 10.4.12. Add tracking for src:mariadb-10.3 and src:mariadb-10.1 repsectively.
author: Salvatore Bonaccorso <carnil@debian.org> 2020-01-29 09:48:56 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-01-29 09:48:56 +0100
commit: de0065bed62e4f5a58600bb3231a4ab875303f75 (patch)
tree: 7d24f6c26af092061d7ae1c0590ccefe4173464e /data
parent: 911f252f45d1a5571bf5f00216d1ed0a0038fbff (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index a19620ac8b..272648dce5 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -13833,7 +13833,10 @@ CVE-2020-2575
 	RESERVED
 CVE-2020-2574 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #949994)
+	- mariadb-10.3 1:10.3.22-1
+	- mariadb-10.1 <removed>
 	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
+	NOTE: Fixed in MariaDB: 5.5.67, 10.1.44, 10.2.31, 10.3.22, 10.4.12
 CVE-2020-2573 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #949994)
 	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
author	Salvatore Bonaccorso <carnil@debian.org>	2020-01-29 09:48:56 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-01-29 09:48:56 +0100
commit	de0065bed62e4f5a58600bb3231a4ab875303f75 (patch)
tree	7d24f6c26af092061d7ae1c0590ccefe4173464e /data
parent	911f252f45d1a5571bf5f00216d1ed0a0038fbff (diff)