[ALSA-2020:3732] mysql:8.0 security update
An update for the mysql:8.0 module is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.
The following packages have been upgraded to a later upstream version: mysql (8.0.21).
Security Fix(es):
mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586, CVE-2020-14702)
mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2019-2914, CVE-2019-2957)
mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938, CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589, CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895, CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634)
mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946, CVE-2020-2925)
mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567)
mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686, CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904, CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539, CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654, CVE-2020-14680, CVE-2020-14725)
mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993, CVE-2019-3011)
mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997, CVE-2020-2580)
mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619)
mysql: Server: Connection unspecified vulnerability (CVE-2019-3009)
mysql: Server: Options multiple unspecified vulnerabilities (CVE-2020-2584, CVE-2020-14632)
mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588, CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620)
mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752, CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574)
mysql: Server: Logging unspecified vulnerability (CVE-2020-2770)
mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804)
mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812)
mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2020-2896, CVE-2020-14559, CVE-2020-2694)
mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898)
mysql: Server: Connection Handling unspecified vulnerability (CVE-2020-2903)
mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2020-2921)
mysql: Server: Group Replication GCS unspecified vulnerability (CVE-2020-2926)
mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553)
mysql: Server: UDF unspecified vulnerability (CVE-2020-14576)
mysql: Server: JSON unspecified vulnerability (CVE-2020-14624)
mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631)
mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2020-14641, CVE-2020-14643, CVE-2020-14651)
mysql: Server: Locking unspecified vulnerability (CVE-2020-14656)
mysql: Information Schema unspecified vulnerability (CVE-2019-2911)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- ID
- ALSA-2020:3732
- Severity
- important
- URL
- https://errata.almalinux.org/ALSA-2020:3732.html
- Published
-
2020-09-14T12:23:24
(4 years ago) - Modified
-
2020-09-14T12:23:24
(4 years ago) - Rights
- Copyright 2022 AlmaLinux OS
- Other Advisories
-
-
ALAS-2020-1332
-
ALAS-2020-1333
-
ALAS-2020-1402
-
ALAS-2020-1403
-
ALAS-2020-1439
-
ALAS2-2020-1537
-
ALPINE:CVE-2019-2938
-
ALPINE:CVE-2019-2974
-
ALPINE:CVE-2020-2574
-
ALPINE:CVE-2020-2752
-
ALPINE:CVE-2020-2760
-
ALPINE:CVE-2020-2812
-
ALPINE:CVE-2020-2814
-
ALSA-2019:3708
-
ALSA-2020:5500
-
ALSA-2020:5503
-
ELSA-2020-3732
-
ELSA-2020-4026
-
ELSA-2020-5500
-
ELSA-2020-5503
-
FEDORA-2019-48a0a07033
-
FEDORA-2019-c1fab3f139
-
FEDORA-2019-d40df38271
-
FEDORA-2020-136dc82437
-
FEDORA-2020-20ac7c92a1
-
FEDORA-2020-261c9ddd7c
-
FEDORA-2020-35f52d9370
-
FEDORA-2020-77b95c868f
-
FEDORA-2020-9c27be9396
-
FEDORA-2020-ac2d47d89a
-
FEDORA-2020-d5b2e71a17
-
FEDORA-2021-b1d1655cef
-
FEDORA-2021-db50ab62d3
-
FREEBSD:21D59EA3-8559-11EA-A5E2-D4C9EF517024
-
FREEBSD:4FBA07CA-13AA-11EB-B31E-D4C9EF517024
-
FREEBSD:56BA4513-A1BE-11EB-9072-D4C9EF517024
-
FREEBSD:622B5C47-855B-11EA-A5E2-D4C9EF517024
-
FREEBSD:A6CF65AD-37D2-11EA-A1C7-B499BAEBFEAF
-
FREEBSD:CB0183BB-45F6-11EA-A1C7-B499BAEBFEAF
-
FREEBSD:FC91F2EF-FD7B-11E9-A1C7-B499BAEBFEAF
-
GLSA-202012-08
-
GLSA-202105-27
-
GLSA-202405-25
-
MS:CVE-2020-14539
-
MS:CVE-2020-14540
-
MS:CVE-2020-14547
-
MS:CVE-2020-14550
-
MS:CVE-2020-14553
-
MS:CVE-2020-14559
-
MS:CVE-2020-14568
-
MS:CVE-2020-14575
-
MS:CVE-2020-14576
-
MS:CVE-2020-14586
-
MS:CVE-2020-14597
-
MS:CVE-2020-14614
-
MS:CVE-2020-14619
-
MS:CVE-2020-14620
-
MS:CVE-2020-14623
-
MS:CVE-2020-14624
-
MS:CVE-2020-14631
-
MS:CVE-2020-14632
-
MS:CVE-2020-14633
-
MS:CVE-2020-14634
-
MS:CVE-2020-14641
-
MS:CVE-2020-14643
-
MS:CVE-2020-14651
-
MS:CVE-2020-14654
-
MS:CVE-2020-14656
-
MS:CVE-2020-14663
-
MS:CVE-2020-14678
-
MS:CVE-2020-14680
-
MS:CVE-2020-14697
-
MS:CVE-2020-14702
-
MS:CVE-2020-14725
-
openSUSE-SU-2019:2698-1
-
openSUSE-SU-2020:0289-1
-
openSUSE-SU-2020:0870-1
-
RHSA-2019:2327
-
RHSA-2019:3708
-
RHSA-2020:1100
-
RHSA-2020:3732
-
RHSA-2020:4026
-
RHSA-2020:5500
-
RHSA-2020:5503
-
RLSA-2019:3708
-
RLSA-2020:3732
-
RLSA-2020:5500
-
RLSA-2020:5503
-
SSA:2020-133-01
-
SUSE-SU-2019:3306-1
-
SUSE-SU-2019:3369-1
-
SUSE-SU-2019:3370-1
-
SUSE-SU-2020:0050-1
-
SUSE-SU-2020:0496-1
-
SUSE-SU-2020:0505-1
-
SUSE-SU-2020:0523-1
-
SUSE-SU-2020:0527-1
-
SUSE-SU-2020:0640-1
-
SUSE-SU-2020:0831-1
-
SUSE-SU-2020:1625-1
-
SUSE-SU-2020:1710-1
-
SUSE-SU-2020:1711-1
-
SUSE-SU-2020:1798-1
-
SUSE-SU-2020:3625-1
-
USN-4195-1
-
USN-4195-2
-
USN-4250-1
-
USN-4250-2
-
USN-4350-1
-
USN-4441-1
-
USN-4603-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/almalinux/mysql?arch=x86_64&distro=almalinux-8.3 | almalinux |
 mysql
|
< 8.0.21-1.module_el8.3.0+2049+47abd494 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mysql?arch=aarch64&distro=almalinux-8.4 | almalinux |
mysql
|
< 8.0.21-1.module_el8.4.0+2259+47abd494 | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/mysql-test?arch=x86_64&distro=almalinux-8.3 | almalinux |
mysql-test
|
< 8.0.21-1.module_el8.3.0+2049+47abd494 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mysql-test?arch=aarch64&distro=almalinux-8.4 | almalinux |
mysql-test
|
< 8.0.21-1.module_el8.4.0+2259+47abd494 | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/mysql-server?arch=x86_64&distro=almalinux-8.3 | almalinux |
mysql-server
|
< 8.0.21-1.module_el8.3.0+2049+47abd494 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mysql-server?arch=aarch64&distro=almalinux-8.4 | almalinux |
mysql-server
|
< 8.0.21-1.module_el8.4.0+2259+47abd494 | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/mysql-libs?arch=x86_64&distro=almalinux-8.3 | almalinux |
mysql-libs
|
< 8.0.21-1.module_el8.3.0+2049+47abd494 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mysql-libs?arch=aarch64&distro=almalinux-8.4 | almalinux |
mysql-libs
|
< 8.0.21-1.module_el8.4.0+2259+47abd494 | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/mysql-errmsg?arch=x86_64&distro=almalinux-8.3 | almalinux |
mysql-errmsg
|
< 8.0.21-1.module_el8.3.0+2049+47abd494 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mysql-errmsg?arch=aarch64&distro=almalinux-8.4 | almalinux |
mysql-errmsg
|
< 8.0.21-1.module_el8.4.0+2259+47abd494 | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/mysql-devel?arch=x86_64&distro=almalinux-8.3 | almalinux |
mysql-devel
|
< 8.0.21-1.module_el8.3.0+2049+47abd494 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mysql-devel?arch=aarch64&distro=almalinux-8.4 | almalinux |
mysql-devel
|
< 8.0.21-1.module_el8.4.0+2259+47abd494 | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/mysql-common?arch=x86_64&distro=almalinux-8.3 | almalinux |
mysql-common
|
< 8.0.21-1.module_el8.3.0+2049+47abd494 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mysql-common?arch=aarch64&distro=almalinux-8.4 | almalinux |
mysql-common
|
< 8.0.21-1.module_el8.4.0+2259+47abd494 | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/mecab?arch=x86_64&distro=almalinux-8.4 | almalinux |
mecab
|
< 0.996-1.module_el8.4.0+2532+b8928c02.9 | almalinux-8.4 | x86_64 | |
| Affected | pkg:rpm/almalinux/mecab?arch=x86_64&distro=almalinux-8.3 | almalinux |
mecab
|
< 0.996-1.module_el8.3.0+2049+47abd494.9 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mecab?arch=aarch64&distro=almalinux-8.4 | almalinux |
mecab
|
< 0.996-1.module_el8.4.0+2532+b8928c02.9 | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/mecab-ipadic?arch=x86_64&distro=almalinux-8.4 | almalinux |
mecab-ipadic
|
< 2.7.0.20070801-16.module_el8.4.0+2532+b8928c02 | almalinux-8.4 | x86_64 | |
| Affected | pkg:rpm/almalinux/mecab-ipadic?arch=x86_64&distro=almalinux-8.3 | almalinux |
mecab-ipadic
|
< 2.7.0.20070801-16.module_el8.3.0+2049+47abd494 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mecab-ipadic?arch=aarch64&distro=almalinux-8.4 | almalinux |
mecab-ipadic
|
< 2.7.0.20070801-16.module_el8.4.0+2532+b8928c02 | almalinux-8.4 | aarch64 | |
| Affected | pkg:rpm/almalinux/mecab-ipadic-EUCJP?arch=x86_64&distro=almalinux-8.4 | almalinux |
mecab-ipadic-EUCJP
|
< 2.7.0.20070801-16.module_el8.4.0+2532+b8928c02 | almalinux-8.4 | x86_64 | |
| Affected | pkg:rpm/almalinux/mecab-ipadic-EUCJP?arch=x86_64&distro=almalinux-8.3 | almalinux |
mecab-ipadic-EUCJP
|
< 2.7.0.20070801-16.module_el8.3.0+2049+47abd494 | almalinux-8.3 | x86_64 | |
| Affected | pkg:rpm/almalinux/mecab-ipadic-EUCJP?arch=aarch64&distro=almalinux-8.4 | almalinux |
mecab-ipadic-EUCJP
|
< 2.7.0.20070801-16.module_el8.4.0+2532+b8928c02 | almalinux-8.4 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |