Release date:
2026-07-06 17:07:56 UTC
Description:
- CVE-2026-49261: reject shell-unsafe characters in Galera joiner node
name and incoming address before interpolating into wsrep_notify_cmd
- CVE-2026-48165: validate wsrep_sst_receive_address and wsrep_sst_donor
for accepted characters to block SST shell command injection
- CVE-2026-44168: add safe() helper and validate joiner-supplied params
in the mariabackup SST donor path against shell command injection
- CVE-2026-48163: validate joiner-supplied parameters in the rsync SST
donor path against shell command injection
- CVE-2026-44172: correct big5 lead/tail byte validation in the bundled
Connector/C so mysql_real_escape_string cannot be bypassed via big5
Updated packages:
-
mariadb-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:9109a190e6d30a826c059446a115d3a21f37a1df784090655085ed4764290b8b
-
mariadb-backup-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:6cef8266245f5293bcfc246db76c4d54d49125e5e944f025fe2be0e00f4b7bc3
-
mariadb-common-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:95b0fbe41153b0a0646640af88fbfd092206df0d96b298f1ed3e6cb890f43c28
-
mariadb-devel-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:7287fe12157ee56bbbd206f6ca9dc3659360429c622ba42de1a799df68306ce1
-
mariadb-embedded-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:3a1d38a86a7680b1ede7bc7af4082b13b052ce5cc1bc028750f9ccffb0a2bf1b
-
mariadb-embedded-devel-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:8fb474b63869fb111bd3558643cae5e5d948c8a00ef2dbdcae6f654009b59f67
-
mariadb-errmsg-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:fe5d5acae12589a488b670f2d1a369c1347d20e77bd3f511c340ac5b0865793f
-
mariadb-gssapi-server-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:3d0442de6af97080dc4099b9007143930002226c392d6b79547c503a2f827d9f
-
mariadb-oqgraph-engine-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:a916396d495a58331531866b335b5dd0d9e1a3aeb6d81e20dd68111ee00340ad
-
mariadb-pam-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:511c1efd557f7310d986fe017f8802f398202131297bcd1ded7516b985b68f3c
-
mariadb-server-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:4472a79b2042732ef38a006fad6b82e3bfe48b0198c649c603cf86efb0f67580
-
mariadb-server-galera-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:c1d68bf4cac788dbceeb84bd7d46255829087b8eb01cf92933312914292e531b
-
mariadb-server-utils-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:d93e42e1ad124cbbb2decebd1faf62eec67a7e18b0ea28cb9b6ce5a266239a68
-
mariadb-test-10.5.29-1.el9_2.alma.1.tuxcare.els2.x86_64.rpm
sha:b305538de16493b82c2baf0e7b5682c836be209e557cc92e8e9ae74eb7ed2c16
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.