Fedora Account System
Red Hat Associate
Red Hat Customer
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE: this issue exists because of an incomplete fix for CVE-2020-10997. https://docs.percona.com/percona-xtrabackup/2.4/release-notes/2.4/2.4.25.html https://jira.percona.com/browse/PXB-2722
Created percona-xtrabackup tracking bugs for this issue: Affects: epel-all [bug 2093152] Affects: fedora-all [bug 2093150]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.