Track MariaDB as well for CVE-2020-2574

All MariaDB updates are actually very intransparent. Upstream apparently consider CVE-2020-2574 as well various other MariaDB versions (apparently but any other CVE from the Oracle CPU from January?) and fixed in 5.5.67, 10.1.44, 10.2.31, 10.3.22 and 10.4.12. Add tracking for src:mariadb-10.3 and src:mariadb-10.1 repsectively.
author: Salvatore Bonaccorso <carnil@debian.org> 2020-01-29 09:48:56 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-01-29 09:48:56 +0100
commit: df7ec95bffd8b12fb4260351adb4c229487e397a (patch)
tree: cb9107821b3893d2cf2430be0711a3911f5bdaff
parent: 1a8950be3e7e1054ad006bfb01b5ff40a805486f (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index bf1fae8508..51e90d4994 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -11929,7 +11929,10 @@ CVE-2020-2575
 	RESERVED
 CVE-2020-2574 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #949994)
+	- mariadb-10.3 1:10.3.22-1
+	- mariadb-10.1 <removed>
 	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
+	NOTE: Fixed in MariaDB: 5.5.67, 10.1.44, 10.2.31, 10.3.22, 10.4.12
 CVE-2020-2573 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #949994)
 	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
author	Salvatore Bonaccorso <carnil@debian.org>	2020-01-29 09:48:56 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-01-29 09:48:56 +0100
commit	df7ec95bffd8b12fb4260351adb4c229487e397a (patch)
tree	cb9107821b3893d2cf2430be0711a3911f5bdaff
parent	1a8950be3e7e1054ad006bfb01b5ff40a805486f (diff)