
A MariaDB security update has been released for Debian GNU/Linux 10 (Buster) ELTS:

ELA-1501-1 mariadb-10.3 security update






Package : mariadb-10.3
Version : 1:10.3.39-0+deb10u4 (buster)

Related CVEs :
CVE-2023-52968
CVE-2023-52969
CVE-2023-52970

Multiple vulnerabilities were fixed in MariaDB 10.3, a popular database engine.

CVE-2023-52968
A denial of service (DoS) was found in MariaDB. The MariaDB server may call
fix_fields_if_needed under mysql_derived_prepare when derived is not yet
prepared, leading to a find_field_in_table crash.

CVE-2023-52969
MariaDB may crash with an empty backtrace log. This may be related
to make_aggr_tables_info and optimize_stage2.

CVE-2023-52970
MariaDB may crash in Item_direct_view_ref::derived_field_transformer_for_where.

