[ALSA-2024:1141] mysql security update
Severity
Moderate
Affected Packages
8
CVEs
75
mysql security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.
Security Fix(es):
- mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911)
- mysql: Server: DDL unspecified vulnerability (CPU Apr 2023) (CVE-2023-21919, CVE-2023-21929, CVE-2023-21933)
- mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21920, CVE-2023-21935, CVE-2023-21945, CVE-2023-21946, CVE-2023-21976, CVE-2023-21977, CVE-2023-21982)
- mysql: Server: Components Services unspecified vulnerability (CPU Apr 2023) (CVE-2023-21940, CVE-2023-21947, CVE-2023-21962)
- mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21953)
- mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21955)
- mysql: Server: JSON unspecified vulnerability (CPU Apr 2023) (CVE-2023-21966)
- mysql: Server: DML unspecified vulnerability (CPU Apr 2023) (CVE-2023-21972)
- mysql: Client programs unspecified vulnerability (CPU Apr 2023) (CVE-2023-21980)
- mysql: Server: Replication unspecified vulnerability (CPU Jul 2023) (CVE-2023-22005, CVE-2023-22007, CVE-2023-22057)
- mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22008)
- mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (CVE-2023-22032, CVE-2023-22059, CVE-2023-22064, CVE-2023-22065, CVE-2023-22070, CVE-2023-22078, CVE-2023-22079, CVE-2023-22092, CVE-2023-22103, CVE-2023-22110, CVE-2023-22112)
- mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22033)
- mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2023) (CVE-2023-22046)
- mysql: Client programs unspecified vulnerability (CPU Jul 2023) (CVE-2023-22053, CVE-2023-22054, CVE-2023-22056)
- mysql: Server: DDL unspecified vulnerability (CPU Jul 2023) (CVE-2023-22058)
- mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (CVE-2023-22066, CVE-2023-22068, CVE-2023-22084, CVE-2023-22097, CVE-2023-22104, CVE-2023-22114)
- mysql: Server: UDF unspecified vulnerability (CPU Oct 2023) (CVE-2023-22111)
- mysql: Server: DML unspecified vulnerability (CPU Oct 2023) (CVE-2023-22115)
- mysql: Server: RAPID unspecified vulnerability (CPU Jan 2024) (CVE-2024-20960)
- mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024) (CVE-2024-20961, CVE-2024-20962, CVE-2024-20965, CVE-2024-20966, CVE-2024-2097, CVE-2024-20971, CVE-2024-20972, CVE-2024-20973, CVE-2024-20974, CVE-2024-20976, CVE-2024-20977, CVE-2024-20978, CVE-2024-20982)
- mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2024) (CVE-2024-20963)
- mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2024) (CVE-2024-20964)
- mysql: Server: Replication unspecified vulnerability (CPU Jan 2024) (CVE-2024-20967)
- mysql: Server: Options unspecified vulnerability (CPU Jan 2024) (CVE-2024-20968)
- mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20969)
- mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20981)
- mysql: Server: DML unspecified vulnerability (CPU Jan 2024) (CVE-2024-20983)
- mysql: Server : Security : Firewall unspecified vulnerability (CPU Jan 2024) (CVE-2024-20984)
- mysql: Server: UDF unspecified vulnerability (CPU Jan 2024) (CVE-2024-20985)
- zstd: mysql: buffer overrun in util.c (CVE-2022-4899)
- mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2023) (CVE-2023-22038)
- mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2023) (CVE-2023-22048)
- mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023) (CVE-2023-22113)
Bug Fix(es):
- Fix for MySQL bug #33630199 in 8.0.32 introduces regression when --set-gtid-purged=OFF (AlmaLinux-22454)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/almalinux/mysql?arch=x86_64&distro=almalinux-9.3 | < 8.0.36-1.el9_3 |
pkg:rpm/almalinux/mysql?arch=aarch64&distro=almalinux-9.3 | < 8.0.36-1.el9_3 |
pkg:rpm/almalinux/mysql-server?arch=x86_64&distro=almalinux-9.3 | < 8.0.36-1.el9_3 |
pkg:rpm/almalinux/mysql-server?arch=aarch64&distro=almalinux-9.3 | < 8.0.36-1.el9_3 |
pkg:rpm/almalinux/mysql-errmsg?arch=x86_64&distro=almalinux-9.3 | < 8.0.36-1.el9_3 |
pkg:rpm/almalinux/mysql-errmsg?arch=aarch64&distro=almalinux-9.3 | < 8.0.36-1.el9_3 |
pkg:rpm/almalinux/mysql-common?arch=x86_64&distro=almalinux-9.3 | < 8.0.36-1.el9_3 |
pkg:rpm/almalinux/mysql-common?arch=aarch64&distro=almalinux-9.3 | < 8.0.36-1.el9_3 |
- ID
- ALSA-2024:1141
- Severity
- moderate
- URL
- https://errata.almalinux.org/ALSA-2024:1141.html
- Published
-
2024-03-05T00:00:00
(6 months ago) - Modified
-
2024-03-07T19:03:21
(6 months ago) - Rights
- Copyright 2024 AlmaLinux OS
- Other Advisories
-
- ALAS-2023-1768
- ALAS-2023-1878
- ALAS2-2023-2140
- ALPINE:CVE-2023-22084
- ALSA-2024:0894
- ELSA-2024-0894
- ELSA-2024-1141
- FEDORA-2023-2eca0baace
- FEDORA-2023-492105ed08
- FEDORA-2023-7fd02c2367
- FEDORA-2023-7fe02ec473
- FEDORA-2023-9ccff0b1b7
- FEDORA-2023-a9283d639f
- FEDORA-2023-af177441a9
- FEDORA-2023-bff42b29eb
- FEDORA-2023-d451c1919f
- FEDORA-2024-c611359ae1
- FREEBSD:22DF5074-71CD-11EE-85EB-84A93843EB75
- FREEBSD:388E6557-8C80-11EE-9EE3-84A93843EB75
- FREEBSD:759A5599-3CE8-11EE-A0D1-84A93843EB75
- FREEBSD:F504A8D2-E105-11ED-85F6-84A93843EB75
- PYSEC-2023-121
- RHSA-2024:0894
- RHSA-2024:1141
- SSA:2023-318-01
- SUSE-SU-2023:1688-1
- SUSE-SU-2023:2074-1
- SUSE-SU-2023:4907-1
- SUSE-SU-2023:4908-1
- SUSE-SU-2024:1922-1
- SUSE-SU-2024:1985-1
- USN-6060-1
- USN-6060-2
- USN-6288-1
- USN-6288-2
- USN-6459-1
- USN-6583-1
- USN-6600-1
- USN-6615-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/almalinux/mysql?arch=x86_64&distro=almalinux-9.3 | almalinux | mysql | < 8.0.36-1.el9_3 | almalinux-9.3 | x86_64 | |
Affected | pkg:rpm/almalinux/mysql?arch=aarch64&distro=almalinux-9.3 | almalinux | mysql | < 8.0.36-1.el9_3 | almalinux-9.3 | aarch64 | |
Affected | pkg:rpm/almalinux/mysql-server?arch=x86_64&distro=almalinux-9.3 | almalinux | mysql-server | < 8.0.36-1.el9_3 | almalinux-9.3 | x86_64 | |
Affected | pkg:rpm/almalinux/mysql-server?arch=aarch64&distro=almalinux-9.3 | almalinux | mysql-server | < 8.0.36-1.el9_3 | almalinux-9.3 | aarch64 | |
Affected | pkg:rpm/almalinux/mysql-errmsg?arch=x86_64&distro=almalinux-9.3 | almalinux | mysql-errmsg | < 8.0.36-1.el9_3 | almalinux-9.3 | x86_64 | |
Affected | pkg:rpm/almalinux/mysql-errmsg?arch=aarch64&distro=almalinux-9.3 | almalinux | mysql-errmsg | < 8.0.36-1.el9_3 | almalinux-9.3 | aarch64 | |
Affected | pkg:rpm/almalinux/mysql-common?arch=x86_64&distro=almalinux-9.3 | almalinux | mysql-common | < 8.0.36-1.el9_3 | almalinux-9.3 | x86_64 | |
Affected | pkg:rpm/almalinux/mysql-common?arch=aarch64&distro=almalinux-9.3 | almalinux | mysql-common | < 8.0.36-1.el9_3 | almalinux-9.3 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |