From 7b48df4f9e798ed8b5cfe165a371f74d1fd81562 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 20 Feb 2022 11:15:39 +0100
Subject: MariaDB: Annotate upstream version fixing several CVEs

---
 data/CVE/2021.list | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'data/CVE/2021.list')

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 639301d20d..bb930e768a 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -65,6 +65,7 @@ CVE-2021-46668 (MariaDB through 10.5.9 allows an application crash via certain l
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-25787
+	NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
 CVE-2021-46667 (MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an ...)
 	- mariadb-10.6 1:10.6.5-1
 	- mariadb-10.5 <removed>
@@ -83,16 +84,19 @@ CVE-2021-46665 (MariaDB through 10.5.9 allows a sql_parse.cc application crash b
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-25636
+	NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
 CVE-2021-46664 (MariaDB through 10.5.9 allows an application crash in sub_select_postj ...)
 	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-25761
+	NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
 CVE-2021-46663 (MariaDB through 10.5.13 allows a ha_maria::extra application crash via ...)
 	- mariadb-10.6 1:10.6.7-1
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-26351
+	NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
 CVE-2021-46662 (MariaDB through 10.5.9 allows a set_var.cc application crash via certa ...)
 	- mariadb-10.6 1:10.6.5-1
 	- mariadb-10.5 <removed>
@@ -105,6 +109,7 @@ CVE-2021-46661 (MariaDB through 10.5.9 allows an application crash in find_field
 	- mariadb-10.5 <removed>
 	- mariadb-10.3 <removed>
 	NOTE: https://jira.mariadb.org/browse/MDEV-25766
+	NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
 CVE-2021-4218
 	RESERVED
 	- linux 5.8.7-1
-- 
cgit v1.2.3