Comment 22 for bug 2045452

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mariadb-10.3 - 1:10.3.39-0ubuntu0.20.04.2

---------------
mariadb-10.3 (1:10.3.39-0ubuntu0.20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: New upstream version 10.3.39 includes fixes for the
    following security vulnerabilities (LP: #2045452):
    - CVE-2022-47015
  * Add patch to revert upstream libmariadb API change (Debian Bug#1031773)
  * Make SysV init script explicit on its dependencies (Debian Bug#1035949)
  * Both of the changes above were included in the MariaDB Server version
    1:10.3.39-0+deb10u1 in Debian Buster without any reported regressions
    since June 2023 and are thus safe and appropriate to include in Ubuntu
    20.04 (Focal) as well
  * Include extra patch for CVE-2023-22084: A vulnerability allowed a high
    privileged attacker with network access via multiple protocols to compromise
    the server. Successful attacks of this vulnerability can result in
    unauthorized ability to cause a hang or frequently repeatable crash
    (complete DOS) of the server (Debian Bug#1055034)
  * According to https://mariadb.org/about/#maintenance-policy this
    was the last minor maintenance release for MariaDB 10.3 series

 -- Otto Kekäläinen <email address hidden> Sat, 02 Dec 2023 00:23:50 -0800