OESA-2021-1156

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1156

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2021-1156.json

JSON Data

https://api.test.osv.dev/v1/vulns/OESA-2021-1156

Upstream

CVE-2019-2708

Published

2021-05-06T11:02:50Z

Modified

2026-03-11T05:59:53.933545Z

Summary

libdb security update

Details

Oracle Berkeley DB provides the best open source embeddable databases allowing developers the choice of SQL, Key/Value, XML/XQuery or Java Object storage for their data model. At its core is a fast, scalable, transactional database engine with proven reliability and availability. Berkeley DB comes three versions: Berkeley DB, Berkeley DB Java Edition, and Berkeley DB XML.

Security Fix(es):

Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data Store. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).(CVE-2019-2708)

Database specific

{
    "severity": "Low"
}

References

Affected packages

openEuler:20.03-LTS-SP1 / libdb

Package

Name: libdb
Purl: pkg:rpm/openEuler/libdb&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.28-36.oe1

Ecosystem specific

{
    "src": [
        "libdb-5.3.28-36.oe1.src.rpm"
    ],
    "noarch": [
        "libdb-help-5.3.28-36.oe1.noarch.rpm"
    ],
    "aarch64": [
        "libdb-devel-5.3.28-36.oe1.aarch64.rpm",
        "libdb-debuginfo-5.3.28-36.oe1.aarch64.rpm",
        "libdb-5.3.28-36.oe1.aarch64.rpm",
        "libdb-debugsource-5.3.28-36.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "libdb-debuginfo-5.3.28-36.oe1.x86_64.rpm",
        "libdb-debugsource-5.3.28-36.oe1.x86_64.rpm",
        "libdb-5.3.28-36.oe1.x86_64.rpm",
        "libdb-devel-5.3.28-36.oe1.x86_64.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2021-1156.json"