{"affected":[{"ecosystem_specific":{"binaries":[{"mariadb-galera":"10.11.14-150600.4.14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP6","name":"mariadb","purl":"pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"10.11.14-150600.4.14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libmariadbd-devel":"10.11.14-150600.4.14.1","libmariadbd19":"10.11.14-150600.4.14.1","mariadb":"10.11.14-150600.4.14.1","mariadb-client":"10.11.14-150600.4.14.1","mariadb-errormessages":"10.11.14-150600.4.14.1","mariadb-tools":"10.11.14-150600.4.14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP6","name":"mariadb","purl":"pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"10.11.14-150600.4.14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libmariadbd-devel":"10.11.14-150600.4.14.1","libmariadbd19":"10.11.14-150600.4.14.1","mariadb":"10.11.14-150600.4.14.1","mariadb-bench":"10.11.14-150600.4.14.1","mariadb-client":"10.11.14-150600.4.14.1","mariadb-errormessages":"10.11.14-150600.4.14.1","mariadb-galera":"10.11.14-150600.4.14.1","mariadb-rpm-macros":"10.11.14-150600.4.14.1","mariadb-test":"10.11.14-150600.4.14.1","mariadb-tools":"10.11.14-150600.4.14.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"mariadb","purl":"pkg:rpm/opensuse/mariadb&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"10.11.14-150600.4.14.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for mariadb fixes the following issues:\n\nUpdate to version 10.11.14.\n\nSecurity issues fixed:\n\n- CVE-2025-30693: InnoDB issue allows high privileged attacker with network access to gain unauthorized update, insert\n  or delete access to data and cause repeatable crash in MySQL server (bsc#1249213).\n- CVE-2025-30722: mysqldump issue allows low privileged attacker with network access to gain unauthorized update,\n  insert or delete access to data in MySQL Client (bsc#1249212).\n- CVE-2023-52969: crash with empty backtrace log in MariaDB Server (bsc#1239150).\n- CVE-2023-52970: crash in MariaDB Server when inserting from derived table containing insert target table\n  (bsc#1239151).\n- CVE-2023-52971: crash in the optimizer of MariaDB Server when processing certain queries with subqueries\n  (bsc#1249219).\n\nRelease notes and changelog:\n  \n- https://mariadb.com/docs/release-notes/community-server/mariadb-10-11-series/mariadb-10.11.14-release-notes\n- https://mariadb.com/docs/release-notes/community-server/changelogs/changelogs-mariadb-10-11-series/mariadb-10.11.14-changelog\n- https://mariadb.com/kb/en/mariadb-10-11-13-release-notes/\n- https://mariadb.com/kb/en/mariadb-10-11-13-changelog/\n- https://mariadb.com/kb/en/mariadb-10-11-12-release-notes/\n- https://mariadb.com/kb/en/mariadb-10-11-12-changelog/\n","id":"SUSE-SU-2025:03275-1","modified":"2025-09-19T12:16:08Z","published":"2025-09-19T12:16:08Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202503275-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239150"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239151"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249212"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249213"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249219"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52969"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52970"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52971"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-30693"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-30722"}],"related":["CVE-2023-52969","CVE-2023-52970","CVE-2023-52971","CVE-2025-30693","CVE-2025-30722"],"summary":"Security update for mariadb","upstream":["CVE-2023-52969","CVE-2023-52970","CVE-2023-52971","CVE-2025-30693","CVE-2025-30722"]}