Merge pull request #636 from jmrenouard/master
New actions for MySQL tuner
		
						commit
						9d72aeddab
					
				
					 7 changed files with 151 additions and 25 deletions
				
			
		|  | @ -1,15 +1,9 @@ | ||||||
| # This is a basic workflow to help you get started with Actions | # This is a basic workflow to help you get started with Actions | ||||||
| 
 | 
 | ||||||
| name: CI for MySQL Tuner | name: Compile MT examples | ||||||
| 
 | 
 | ||||||
| # Controls when the workflow will run | # Controls when the workflow will run | ||||||
| on: | on: | ||||||
|   # Triggers the workflow on push or pull request events but only for the master branch |  | ||||||
|   push: |  | ||||||
|     branches: [ master ] |  | ||||||
|   pull_request: |  | ||||||
|     branches: [ master ] |  | ||||||
| 
 |  | ||||||
|   # Allows you to run this workflow manually from the Actions tab |   # Allows you to run this workflow manually from the Actions tab | ||||||
|   workflow_dispatch: |   workflow_dispatch: | ||||||
| 
 | 
 | ||||||
|  | @ -50,14 +44,6 @@ jobs: | ||||||
|           cd - |           cd - | ||||||
|           rm -rf test_db |           rm -rf test_db | ||||||
|       # Runs a single command using the runners shell |       # Runs a single command using the runners shell | ||||||
|       - name: Run help mode |  | ||||||
|         run: perl ./mysqltuner.pl --help |  | ||||||
| 
 |  | ||||||
|       # Runs a single command using the runners shell |  | ||||||
|       - name: Run verbose mode |  | ||||||
|         run: sudo perl ./mysqltuner.pl --user=root --pass=root --protocol tcp --verbose |  | ||||||
| 
 |  | ||||||
|       # Runs a single command using the runners shell |  | ||||||
|       - name: Run verbose mode with dumpdir result |       - name: Run verbose mode with dumpdir result | ||||||
|         run: | |         run: | | ||||||
|           mkdir -p ./examples/github/result |           mkdir -p ./examples/github/result | ||||||
|  | @ -69,5 +55,5 @@ jobs: | ||||||
|           git config --global user.name "Jean-Marie Renouard" |           git config --global user.name "Jean-Marie Renouard" | ||||||
|           git config --global user.email "jmrenouard@gmail.com" |           git config --global user.email "jmrenouard@gmail.com" | ||||||
|           git add . |           git add . | ||||||
|           git commit -m "Commit example result" |           git commit -m "Commit example result for employees database for Actions" | ||||||
|           git push |           git push | ||||||
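Review bot: `git add .` in the final step stages everything left in the workspace, not only `./examples/github/result`, and the `git push` that follows publishes it with the job token. If the results are only written under that directory (the lines between the hunks are not visible here), `git add ./examples/github/result` keeps stray files from earlier steps out of the commit. The step itself starts outside this hunk.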
							
								
								
									
										42
									
								
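--- a/.github/workflows/pull_request.yml
+++ b/.github/workflows/pull_request.yml
@@ -0,0 +1,42 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI for MySQL Tuner
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the master branch
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - name: Setup MySQL Tuner repository
+        uses: actions/checkout@v3
+
+      - name: Set up MySQL
+        uses: mirromutth/mysql-action@v1.1
+        with:
+          mysql root password: "root"
+          mysql version: "8.0"
+
+      - name: Run help mode
+        run: |
+          sleep 20s
+          sudo perl ./mysqltuner.pl --help
+
+      # Runs a single command using the runners shell
+      - name: Run verbose mode
+        run: sudo perl ./mysqltuner.pl --user=root --pass=root --protocol tcp --verbose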
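Review bot: `mirromutth/mysql-action@v1.1` is referenced by a mutable tag in a workflow that runs on every push and pull request to master; pinning it to a full commit SHA (`uses: mirromutth/mysql-action@FULL_COMMIT_SHA  # v1.1`, where FULL_COMMIT_SHA is a placeholder for the reviewed commit) keeps a moved tag from changing what executes here. The file also declares no `permissions:` block, so the job token gets the repository default; a top-level `permissions:` with `contents: read` is enough for these steps. Both points apply to run_mt_with_db.yml as well, which uses the same action.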
							
								
								
									
										52
									
								
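--- a/.github/workflows/run_mt_with_db.yml
+++ b/.github/workflows/run_mt_with_db.yml
@@ -0,0 +1,52 @@
+# This is a basic workflow to help you get started with Actions
+
+name: Test with databases
+
+# Controls when the workflow will run
+on:
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - name: Setup MySQL Tuner repository
+        uses: actions/checkout@v3
+
+      - name: Set up MySQL
+        uses: mirromutth/mysql-action@v1.1
+        with:
+          mysql root password: "root"
+          mysql version: "8.0"
+      - name: Injecting credentials
+        run: |
+          echo -e "[client]\nuser=root\npassword=root\nhost=127.0.0.1\nprotocol=TCP" > $HOME/.my.cnf
+      
+      - name: Cloning test_db dataset
+        run: |
+          git clone https://github.com/datacharmer/test_db.git
+
+      - name: Injecting test_db dataset
+        run: |
+          sleep 5s
+          cd test_db
+          netstat -ltpn
+          mysql -e 'select version();'
+          mysql -e 'CREATE DATABASE data;'
+          mysql data< ./employees.sql
+          cd -
+          rm -rf test_db
+      # Runs a single command using the runners shell
+      - name: Run help mode
+        run: perl ./mysqltuner.pl --help
+
+      # Runs a single command using the runners shell
+      - name: Run verbose mode
+        run: sudo perl ./mysqltuner.pl --user=root --pass=root --protocol tcp --verbose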
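Review bot: `git clone https://github.com/datacharmer/test_db.git` takes whatever the default branch holds at run time, and the next step feeds `employees.sql` from it to a root MySQL session; checking out a reviewed commit right after the clone (`git -C test_db checkout --detach REVIEWED_COMMIT_SHA`, placeholder value) keeps the dataset fixed. `sleep 5s` is a fixed wait for the MySQL container, so the first `mysql -e` can run before the server accepts connections; polling with `mysqladmin ping` in a short loop is more reliable. The credentials file is written with the default umask and an unquoted `$HOME`; a `chmod 600 "$HOME/.my.cnf"` after the write keeps it private to the runner user.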
							
								
								
									
										45
									
								
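--- a/.github/workflows/update_cve_and_docs.yml
+++ b/.github/workflows/update_cve_and_docs.yml
@@ -0,0 +1,45 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CVE and Docs update
+
+# Controls when the workflow will run
+on:
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - name: Setup MySQL Tuner repository
+        uses: actions/checkout@v3
+
+      - name: Install dependencies
+        run: |
+          pwd
+          cd build
+          pwd
+          sudo bash ./installStaff.sh
+
+      - name: Update CVE and docs
+        run: |
+          pwd
+          cd ./build
+          pwd
+          sudo bash ./updateStaff.sh
+
+      # Runs a single command using the runners shell
+      - name: Commit CVE result to repo
+        run: |
+          pwd
+          sudo git config --global user.name "Jean-Marie Renouard"
+          sudo git config --global user.email "jmrenouard@gmail.com"
+          sudo git add ./vulnerabilities.csv ./mysqltuner.pl ./USAGE.md
+          sudo git commit -m "Updates CVE and docs (via Actions) - $(date +'%Y-%m-%d')"
+          sudo git push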
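Review bot: Nothing in this workflow limits the job token, although the last step is the only one that needs to write; adding `permissions:` with `contents: write` under `build:` makes the push independent of the repository-wide default. The two `sudo bash` steps modify `mysqltuner.pl`, and the result is pushed to the checked-out branch without review, so it is worth confirming that this is intended rather than opening a pull request. `git commit` also exits non-zero when the update changed nothing, which fails a manual run; prefixing it with `git diff --cached --quiet ||` avoids that. Running git itself under `sudo` looks unnecessary and can leave root-owned files under `.git`.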
|  | @ -10,6 +10,6 @@ echo "* Update CVE list" | ||||||
| perl updateCVElist.pl | perl updateCVElist.pl | ||||||
| dos2unix ../mysqltuner.pl | dos2unix ../mysqltuner.pl | ||||||
| git add ../vulnerabilities.csv ../mysqltuner.pl ../USAGE.md | git add ../vulnerabilities.csv ../mysqltuner.pl ../USAGE.md | ||||||
| git commit -m 'Update Vulnerabilities list | #git commit -m 'Update Vulnerabilities list | ||||||
| Indenting mysqltuner | #Indenting mysqltuner | ||||||
| Update Usage information' | #Update Usage information' | ||||||
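Review bot: The three commented-out lines leave a dead multi-line `git commit` in the script while the `git add ../vulnerabilities.csv ../mysqltuner.pl ../USAGE.md` just above still runs. This appears to be the `updateStaff.sh` that the new workflow calls with `sudo bash`, in which case the staging happens as root and is then repeated by the workflow's own `git add`. Deleting the commented commit and the `git add` together would leave committing entirely to the caller. The rest of the script is outside the hunk.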
|  |  | ||||||
|  | @ -212,7 +212,7 @@ if ( $opt{verbose} ) { | ||||||
| $opt{nocolor} = 1 if defined( $opt{outputfile} ); | $opt{nocolor} = 1 if defined( $opt{outputfile} ); | ||||||
| $opt{tbstat}  = 0 if ( $opt{notbstat} == 1 );    # Don't print table information | $opt{tbstat}  = 0 if ( $opt{notbstat} == 1 );    # Don't print table information | ||||||
| $opt{colstat} = 0 if ( $opt{nocolstat} == 1 );  # Don't print column information | $opt{colstat} = 0 if ( $opt{nocolstat} == 1 );  # Don't print column information | ||||||
| $opt{dbstat} = 0 if ( $opt{nodbstat} == 1 );  # Don't print database information | $opt{dbstat}  = 0 if ( $opt{nodbstat} == 1 ); # Don't print database information | ||||||
| $opt{noprocess} = 0 | $opt{noprocess} = 0 | ||||||
|   if ( $opt{noprocess} == 1 );                # Don't print process information |   if ( $opt{noprocess} == 1 );                # Don't print process information | ||||||
| $opt{sysstat} = 0 if ( $opt{nosysstat} == 1 ); # Don't print sysstat information | $opt{sysstat} = 0 if ( $opt{nosysstat} == 1 ); # Don't print sysstat information | ||||||
|  | @ -1309,8 +1309,8 @@ sub get_all_vars { | ||||||
|     my @lineitems = (); |     my @lineitems = (); | ||||||
|     foreach my $line (@mysqlslaves) { |     foreach my $line (@mysqlslaves) { | ||||||
|         debugprint "L: $line "; |         debugprint "L: $line "; | ||||||
|         @lineitems = split /\s+/, $line; |         @lineitems                                        = split /\s+/, $line; | ||||||
|         $myslaves{ $lineitems[0] } = $line; |         $myslaves{ $lineitems[0] }                        = $line; | ||||||
|         $result{'Replication'}{'Slaves'}{ $lineitems[0] } = $lineitems[4]; |         $result{'Replication'}{'Slaves'}{ $lineitems[0] } = $lineitems[4]; | ||||||
|     } |     } | ||||||
| } | } | ||||||
|  | @ -1461,7 +1461,7 @@ sub log_file_recommendations { | ||||||
|         $numLi++; |         $numLi++; | ||||||
|         debugprint "$numLi: $logLi" |         debugprint "$numLi: $logLi" | ||||||
|           if $logLi =~ /warning|error/i and $logLi !~ /Logging to/; |           if $logLi =~ /warning|error/i and $logLi !~ /Logging to/; | ||||||
|         $nbErrLog++  if $logLi =~ /error/i and $logLi !~ /Logging to/; |         $nbErrLog++ if $logLi =~ /error/i and $logLi !~ /Logging to/; | ||||||
|         $nbWarnLog++ if $logLi =~ /warning/i; |         $nbWarnLog++ if $logLi =~ /warning/i; | ||||||
|         push @lastShutdowns, $logLi |         push @lastShutdowns, $logLi | ||||||
|           if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i; |           if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i; | ||||||
|  | @ -2225,7 +2225,7 @@ sub get_replication_status { | ||||||
|           "This replication slave is not running but seems to be configured."; |           "This replication slave is not running but seems to be configured."; | ||||||
|     } |     } | ||||||
|     if (   defined($io_running) |     if (   defined($io_running) | ||||||
|         && $io_running =~ /yes/i |         && $io_running  =~ /yes/i | ||||||
|         && $sql_running =~ /yes/i ) |         && $sql_running =~ /yes/i ) | ||||||
|     { |     { | ||||||
|         if ( $myvar{'read_only'} eq 'OFF' ) { |         if ( $myvar{'read_only'} eq 'OFF' ) { | ||||||
|  |  | ||||||
							
								
								
									
										3
									
								
								vulnerabilities.csv
									
									
									
									
									
										
										
										Normal file → Executable file
									
								
							
							
						
						
									
							|  | @ -1713,7 +1713,8 @@ | ||||||
| 8.0.30;8;0;30;CVE-2022-39408;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20221028-0013/   |   FEDORA:FEDORA-2023-d332f0b6a3   |   URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EG3VBUHKCUXVWBSCD2FHCWIAMZO4X3PR/   |   FEDORA:FEDORA-2023-e449235964   |   URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGZ4B5IQJEZQFSXGCZKSJ6GO3HLQ6URQ/   |   MISC:https://www.oracle.com/security-alerts/cpuoct2022.html   |   URL:https://www.oracle.com/security-alerts/cpuoct2022.html";Assigned (20220902);"None (candidate not yet proposed)";"" | 8.0.30;8;0;30;CVE-2022-39408;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20221028-0013/   |   FEDORA:FEDORA-2023-d332f0b6a3   |   URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EG3VBUHKCUXVWBSCD2FHCWIAMZO4X3PR/   |   FEDORA:FEDORA-2023-e449235964   |   URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGZ4B5IQJEZQFSXGCZKSJ6GO3HLQ6URQ/   |   MISC:https://www.oracle.com/security-alerts/cpuoct2022.html   |   URL:https://www.oracle.com/security-alerts/cpuoct2022.html";Assigned (20220902);"None (candidate not yet proposed)";"" | ||||||
| 8.0.30;8;0;30;CVE-2022-39410;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20221028-0013/   |   FEDORA:FEDORA-2023-d332f0b6a3   |   URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EG3VBUHKCUXVWBSCD2FHCWIAMZO4X3PR/   |   FEDORA:FEDORA-2023-e449235964   |   URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGZ4B5IQJEZQFSXGCZKSJ6GO3HLQ6URQ/   |   MISC:https://www.oracle.com/security-alerts/cpuoct2022.html   |   URL:https://www.oracle.com/security-alerts/cpuoct2022.html";Assigned (20220902);"None (candidate not yet proposed)";"" | 8.0.30;8;0;30;CVE-2022-39410;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20221028-0013/   |   FEDORA:FEDORA-2023-d332f0b6a3   |   URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EG3VBUHKCUXVWBSCD2FHCWIAMZO4X3PR/   |   FEDORA:FEDORA-2023-e449235964   |   URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGZ4B5IQJEZQFSXGCZKSJ6GO3HLQ6URQ/   |   MISC:https://www.oracle.com/security-alerts/cpuoct2022.html   |   URL:https://www.oracle.com/security-alerts/cpuoct2022.html";Assigned (20220902);"None (candidate not yet proposed)";"" | ||||||
| 1.3.0;1;3;0;CVE-2022-40955;Candidate;"In versions of Apache InLong prior to 1.3.0; an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database; could cause this data to be deserialized by Apache InLong; potentially leading to Remote Code Execution on the Apache InLong server. Users are advised to upgrade to Apache InLong 1.3.0 or newer.";"MISC:[oss-security] 20220922 CVE-2022-40955: Deserialization attack in Apache InLong prior to version 1.3.0 allows RCE via JDBC   |   URL:http://www.openwall.com/lists/oss-security/2022/09/22/5   |   MISC:https://lists.apache.org/thread/r1r34y7bchrpmp9jhfdoohzdmk7pj1q1   |   URL:https://lists.apache.org/thread/r1r34y7bchrpmp9jhfdoohzdmk7pj1q1";Assigned (20220919);"None (candidate not yet proposed)";"" | 1.3.0;1;3;0;CVE-2022-40955;Candidate;"In versions of Apache InLong prior to 1.3.0; an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database; could cause this data to be deserialized by Apache InLong; potentially leading to Remote Code Execution on the Apache InLong server. Users are advised to upgrade to Apache InLong 1.3.0 or newer.";"MISC:[oss-security] 20220922 CVE-2022-40955: Deserialization attack in Apache InLong prior to version 1.3.0 allows RCE via JDBC   |   URL:http://www.openwall.com/lists/oss-security/2022/09/22/5   |   MISC:https://lists.apache.org/thread/r1r34y7bchrpmp9jhfdoohzdmk7pj1q1   |   URL:https://lists.apache.org/thread/r1r34y7bchrpmp9jhfdoohzdmk7pj1q1";Assigned (20220919);"None (candidate not yet proposed)";"" | ||||||
| 1.3.0;1;3;0;CVE-2022-44644;Candidate;"In Apache Linkis <=1.3.0 when used with the MySQL Connector/J; an authenticated attacker could read arbitrary local file by connecting a rogue mysql server; By adding allowLoadLocalInfile to true in the jdbc parameter. Therefore; the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3";"MISC:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h   |   URL:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h";Assigned (20221103);"None (candidate not yet proposed)";"" | 1.3.0;1;3;0;CVE-2022-44644;Candidate;"In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module; an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server; By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore; the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.1";"MISC:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h   |   URL:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h";Assigned (20221103);"None (candidate not yet proposed)";"" | ||||||
|  | 1.3.1;1;3;1;CVE-2022-44644;Candidate;"In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module; an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server; By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore; the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.1";"MISC:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h   |   URL:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h";Assigned (20221103);"None (candidate not yet proposed)";"" | ||||||
| 3.17.0;3;17;0;CVE-2022-45136;Candidate;"** UNSUPPORTED WHEN ASSIGNED ** Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a result an application using Apache Jena SDB can be subject to RCE when connected to a malicious database server. Apache Jena SDB has been EOL since December 2020 and users should migrate to alternative options e.g. Apache Jena TDB 2.";"MISC:https://lists.apache.org/thread/mc77cdl5stgjtjoldk467gdf756qjt31   |   URL:https://lists.apache.org/thread/mc77cdl5stgjtjoldk467gdf756qjt31   |   MLIST:[oss-security] 20221114 CVE-2022-45136: JDBC Deserialisation in Apache Jena SDB   |   URL:http://www.openwall.com/lists/oss-security/2022/11/14/5";Assigned (20221110);"None (candidate not yet proposed)";"" | 3.17.0;3;17;0;CVE-2022-45136;Candidate;"** UNSUPPORTED WHEN ASSIGNED ** Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a result an application using Apache Jena SDB can be subject to RCE when connected to a malicious database server. Apache Jena SDB has been EOL since December 2020 and users should migrate to alternative options e.g. Apache Jena TDB 2.";"MISC:https://lists.apache.org/thread/mc77cdl5stgjtjoldk467gdf756qjt31   |   URL:https://lists.apache.org/thread/mc77cdl5stgjtjoldk467gdf756qjt31   |   MLIST:[oss-security] 20221114 CVE-2022-45136: JDBC Deserialisation in Apache Jena SDB   |   URL:http://www.openwall.com/lists/oss-security/2022/11/14/5";Assigned (20221110);"None (candidate not yet proposed)";"" | ||||||
| 10.3.33;10;3;33;CVE-2022-47015;Candidate;"MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.";"CONFIRM:https://security.netapp.com/advisory/ntap-20230309-0009/   |   MISC:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954   |   URL:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954";Assigned (20221212);"None (candidate not yet proposed)";"" | 10.3.33;10;3;33;CVE-2022-47015;Candidate;"MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.";"CONFIRM:https://security.netapp.com/advisory/ntap-20230309-0009/   |   MISC:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954   |   URL:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954";Assigned (20221212);"None (candidate not yet proposed)";"" | ||||||
| 10.9.2;10;9;2;CVE-2022-47015;Candidate;"MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.";"CONFIRM:https://security.netapp.com/advisory/ntap-20230309-0009/   |   MISC:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954   |   URL:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954";Assigned (20221212);"None (candidate not yet proposed)";"" | 10.9.2;10;9;2;CVE-2022-47015;Candidate;"MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.";"CONFIRM:https://security.netapp.com/advisory/ntap-20230309-0009/   |   MISC:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954   |   URL:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954";Assigned (20221212);"None (candidate not yet proposed)";"" | ||||||
|  |  | ||||||
	 Jean-Marie Renouard
						Jean-Marie Renouard