English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 25369
À§Çèµµ 30
Æ÷Æ® 3306
ÇÁ·ÎÅäÄÝ TCP
ºÐ·ù DB
»ó¼¼¼³¸í ¿ø°Ý È£½ºÆ®¿¡ ¼³Ä¡µÈ MariaDB ¹öÀüÀº 10.2.43 ÀÌÀüÀÔ´Ï´Ù. µû¶ó¼­ mdb-10243-rn ±Ç°í¿¡ ¾ð±ÞµÈ ¿©·¯ Ãë¾àÁ¡ÀÇ ¿µÇâÀ» ¹Þ½À´Ï´Ù.

- MariaDB 10.5.9´Â »ç¿ëÇÏÁö ¾Ê´Â °øÅë Å×À̺í Ç¥Çö½Ä(CTE)À» ÅëÇØ find_field_in_tables ¹× find_order_in_list¿¡¼­ ¾ÖÇø®ÄÉÀÌ¼Ç Å©·¡½Ã°¡ ¹ß»ýÇÕ´Ï´Ù. (CVE-2021-46661)

- MariaDB 10.5.13Àº ƯÁ¤ SELECT ¹®À» ÅëÇØ ha_maria::extra ¾ÖÇø®ÄÉÀÌ¼Ç Å©·¡½Ã°¡ ¹ß»ýÇÕ´Ï´Ù. (CVE-2021-46663)

- MariaDB 10.5.9´Â agrÀÇ NULL °ª¿¡ ´ëÇØ sub_select_postjoin_aggr¿¡¼­ Å©·¡½Ã°¡ ¹ß»ýÇÕ´Ï´Ù. (CVE-2021-46664)

- MariaDB 10.5.9´Â À߸øµÈ used_tables ¿¹»óÀ¸·Î ÀÎÇØ sql_parse.cc ÀÀ¿ë ÇÁ·Î±×·¥ Å©·¡½Ã°¡ ¹ß»ýÇÕ´Ï´Ù. (CVE-2021-46665)

- MariaDB 10.5.9´Â Àӽà µ¥ÀÌÅÍ ±¸Á¶¿¡ ´ëÇÑ ½ºÅ丮Áö ¿£Áø ¸®¼Ò½º Á¦ÇÑ°ú ºÎÀûÀýÇÏ°Ô »óÈ£ ÀÛ¿ëÇϴ ƯÁ¤ ±ä SELECT DISTINCT ¹®À» ÅëÇØ ¾ÖÇø®ÄÉÀÌ¼Ç Å©·¡½Ã°¡ ¹ß»ýÇÕ´Ï´Ù. (CVE-2021-46668)

* Âü°í »çÀÌÆ®:
https://mariadb.com/kb/en/mdb-10243-rn

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
MariaDB 10.2.43 ÀÌÀüÀÇ 10.2.x ¹öÀüµé
¸ðµç ¿î¿µÃ¼Á¦ ¸ðµç ¹öÀü
ÇØ°áÃ¥ MariaDB À¥ »çÀÌÆ®ÀÎ https://downloads.mariadb.org/ ¿¡¼­ ±¸ÇÒ ¼ö ÀÖ´Â MariaDBÀÇ °¡Àå ÃֽŠ¹öÀü(10.2.43 ÀÌ»ó)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù.
°ü·Ã URL CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668 (CVE)
°ü·Ã URL (SecurityFocus)
°ü·Ã URL (ISS)