[RHSA-2024:1141] mysql security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.
Security Fix(es):
mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911)
mysql: Server: DDL unspecified vulnerability (CPU Apr 2023) (CVE-2023-21919, CVE-2023-21929, CVE-2023-21933)
mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21920, CVE-2023-21935, CVE-2023-21945, CVE-2023-21946, CVE-2023-21976, CVE-2023-21977, CVE-2023-21982)
mysql: Server: Components Services unspecified vulnerability (CPU Apr 2023) (CVE-2023-21940, CVE-2023-21947, CVE-2023-21962)
mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21953)
mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21955)
mysql: Server: JSON unspecified vulnerability (CPU Apr 2023) (CVE-2023-21966)
mysql: Server: DML unspecified vulnerability (CPU Apr 2023) (CVE-2023-21972)
mysql: Client programs unspecified vulnerability (CPU Apr 2023) (CVE-2023-21980)
mysql: Server: Replication unspecified vulnerability (CPU Jul 2023) (CVE-2023-22005, CVE-2023-22007, CVE-2023-22057)
mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22008)
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (CVE-2023-22032, CVE-2023-22059, CVE-2023-22064, CVE-2023-22065, CVE-2023-22070, CVE-2023-22078, CVE-2023-22079, CVE-2023-22092, CVE-2023-22103, CVE-2023-22110, CVE-2023-22112)
mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22033)
mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2023) (CVE-2023-22046)
mysql: Client programs unspecified vulnerability (CPU Jul 2023) (CVE-2023-22053, CVE-2023-22054, CVE-2023-22056)
mysql: Server: DDL unspecified vulnerability (CPU Jul 2023) (CVE-2023-22058)
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (CVE-2023-22066, CVE-2023-22068, CVE-2023-22084, CVE-2023-22097, CVE-2023-22104, CVE-2023-22114)
mysql: Server: UDF unspecified vulnerability (CPU Oct 2023) (CVE-2023-22111)
mysql: Server: DML unspecified vulnerability (CPU Oct 2023) (CVE-2023-22115)
mysql: Server: RAPID unspecified vulnerability (CPU Jan 2024) (CVE-2024-20960)
mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024) (CVE-2024-20961, CVE-2024-20962, CVE-2024-20965, CVE-2024-20966, CVE-2024-2097, CVE-2024-20971, CVE-2024-20972, CVE-2024-20973, CVE-2024-20974, CVE-2024-20976, CVE-2024-20977, CVE-2024-20978, CVE-2024-20982)
mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2024) (CVE-2024-20963)
mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2024) (CVE-2024-20964)
mysql: Server: Replication unspecified vulnerability (CPU Jan 2024) (CVE-2024-20967)
mysql: Server: Options unspecified vulnerability (CPU Jan 2024) (CVE-2024-20968)
mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20969)
mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20981)
mysql: Server: DML unspecified vulnerability (CPU Jan 2024) (CVE-2024-20983)
mysql: Server : Security : Firewall unspecified vulnerability (CPU Jan 2024) (CVE-2024-20984)
mysql: Server: UDF unspecified vulnerability (CPU Jan 2024) (CVE-2024-20985)
zstd: mysql: buffer overrun in util.c (CVE-2022-4899)
mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2023) (CVE-2023-22038)
mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2023) (CVE-2023-22048)
mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023) (CVE-2023-22113)
Bug Fix(es):
- Fix for MySQL bug #33630199 in 8.0.32 introduces regression when --set-gtid-purged=OFF (RHEL-22454)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- ID
- RHSA-2024:1141
- Severity
- moderate
- URL
- https://access.redhat.com/errata/RHSA-2024:1141
- Published
-
2024-03-05T00:00:00
(6 months ago) - Modified
-
2024-03-05T00:00:00
(6 months ago) - Rights
- Copyright 2024 Red Hat, Inc.
- Other Advisories
-
-
ALAS-2023-1768
-
ALAS-2023-1878
-
ALAS2-2023-2140
-
ALPINE:CVE-2023-22084
-
ALSA-2024:0894
-
ALSA-2024:1141
-
ELSA-2024-0894
-
ELSA-2024-1141
-
FEDORA-2023-2eca0baace
-
FEDORA-2023-492105ed08
-
FEDORA-2023-7fd02c2367
-
FEDORA-2023-7fe02ec473
-
FEDORA-2023-9ccff0b1b7
-
FEDORA-2023-a9283d639f
-
FEDORA-2023-af177441a9
-
FEDORA-2023-bff42b29eb
-
FEDORA-2023-d451c1919f
-
FEDORA-2024-c611359ae1
-
FREEBSD:22DF5074-71CD-11EE-85EB-84A93843EB75
-
FREEBSD:388E6557-8C80-11EE-9EE3-84A93843EB75
-
FREEBSD:759A5599-3CE8-11EE-A0D1-84A93843EB75
-
FREEBSD:F504A8D2-E105-11ED-85F6-84A93843EB75
-
PYSEC-2023-121
-
RHSA-2024:0894
-
SSA:2023-318-01
-
SUSE-SU-2023:1688-1
-
SUSE-SU-2023:2074-1
-
SUSE-SU-2023:4907-1
-
SUSE-SU-2023:4908-1
-
SUSE-SU-2024:1922-1
-
SUSE-SU-2024:1985-1
-
USN-6060-1
-
USN-6060-2
-
USN-6288-1
-
USN-6288-2
-
USN-6459-1
-
USN-6583-1
-
USN-6600-1
-
USN-6615-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/redhat/mysql?arch=x86_64&distro=redhat-9.3 | redhat |
 mysql
|
< 8.0.36-1.el9_3 | redhat-9.3 | x86_64 | |
| Affected | pkg:rpm/redhat/mysql?arch=s390x&distro=redhat-9.3 | redhat |
mysql
|
< 8.0.36-1.el9_3 | redhat-9.3 | s390x | |
| Affected | pkg:rpm/redhat/mysql?arch=ppc64le&distro=redhat-9.3 | redhat |
mysql
|
< 8.0.36-1.el9_3 | redhat-9.3 | ppc64le | |
| Affected | pkg:rpm/redhat/mysql?arch=aarch64&distro=redhat-9.3 | redhat |
mysql
|
< 8.0.36-1.el9_3 | redhat-9.3 | aarch64 | |
| Affected | pkg:rpm/redhat/mysql-test?arch=x86_64&distro=redhat-9.3 | redhat |
mysql-test
|
< 8.0.36-1.el9_3 | redhat-9.3 | x86_64 | |
| Affected | pkg:rpm/redhat/mysql-test?arch=s390x&distro=redhat-9.3 | redhat |
mysql-test
|
< 8.0.36-1.el9_3 | redhat-9.3 | s390x | |
| Affected | pkg:rpm/redhat/mysql-test?arch=ppc64le&distro=redhat-9.3 | redhat |
mysql-test
|
< 8.0.36-1.el9_3 | redhat-9.3 | ppc64le | |
| Affected | pkg:rpm/redhat/mysql-test?arch=aarch64&distro=redhat-9.3 | redhat |
mysql-test
|
< 8.0.36-1.el9_3 | redhat-9.3 | aarch64 | |
| Affected | pkg:rpm/redhat/mysql-server?arch=x86_64&distro=redhat-9.3 | redhat |
mysql-server
|
< 8.0.36-1.el9_3 | redhat-9.3 | x86_64 | |
| Affected | pkg:rpm/redhat/mysql-server?arch=s390x&distro=redhat-9.3 | redhat |
mysql-server
|
< 8.0.36-1.el9_3 | redhat-9.3 | s390x | |
| Affected | pkg:rpm/redhat/mysql-server?arch=ppc64le&distro=redhat-9.3 | redhat |
mysql-server
|
< 8.0.36-1.el9_3 | redhat-9.3 | ppc64le | |
| Affected | pkg:rpm/redhat/mysql-server?arch=aarch64&distro=redhat-9.3 | redhat |
mysql-server
|
< 8.0.36-1.el9_3 | redhat-9.3 | aarch64 | |
| Affected | pkg:rpm/redhat/mysql-libs?arch=x86_64&distro=redhat-9.3 | redhat |
mysql-libs
|
< 8.0.36-1.el9_3 | redhat-9.3 | x86_64 | |
| Affected | pkg:rpm/redhat/mysql-libs?arch=s390x&distro=redhat-9.3 | redhat |
mysql-libs
|
< 8.0.36-1.el9_3 | redhat-9.3 | s390x | |
| Affected | pkg:rpm/redhat/mysql-libs?arch=ppc64le&distro=redhat-9.3 | redhat |
mysql-libs
|
< 8.0.36-1.el9_3 | redhat-9.3 | ppc64le | |
| Affected | pkg:rpm/redhat/mysql-libs?arch=aarch64&distro=redhat-9.3 | redhat |
mysql-libs
|
< 8.0.36-1.el9_3 | redhat-9.3 | aarch64 | |
| Affected | pkg:rpm/redhat/mysql-errmsg?arch=x86_64&distro=redhat-9.3 | redhat |
mysql-errmsg
|
< 8.0.36-1.el9_3 | redhat-9.3 | x86_64 | |
| Affected | pkg:rpm/redhat/mysql-errmsg?arch=s390x&distro=redhat-9.3 | redhat |
mysql-errmsg
|
< 8.0.36-1.el9_3 | redhat-9.3 | s390x | |
| Affected | pkg:rpm/redhat/mysql-errmsg?arch=ppc64le&distro=redhat-9.3 | redhat |
mysql-errmsg
|
< 8.0.36-1.el9_3 | redhat-9.3 | ppc64le | |
| Affected | pkg:rpm/redhat/mysql-errmsg?arch=aarch64&distro=redhat-9.3 | redhat |
mysql-errmsg
|
< 8.0.36-1.el9_3 | redhat-9.3 | aarch64 | |
| Affected | pkg:rpm/redhat/mysql-devel?arch=x86_64&distro=redhat-9.3 | redhat |
mysql-devel
|
< 8.0.36-1.el9_3 | redhat-9.3 | x86_64 | |
| Affected | pkg:rpm/redhat/mysql-devel?arch=s390x&distro=redhat-9.3 | redhat |
mysql-devel
|
< 8.0.36-1.el9_3 | redhat-9.3 | s390x | |
| Affected | pkg:rpm/redhat/mysql-devel?arch=ppc64le&distro=redhat-9.3 | redhat |
mysql-devel
|
< 8.0.36-1.el9_3 | redhat-9.3 | ppc64le | |
| Affected | pkg:rpm/redhat/mysql-devel?arch=aarch64&distro=redhat-9.3 | redhat |
mysql-devel
|
< 8.0.36-1.el9_3 | redhat-9.3 | aarch64 | |
| Affected | pkg:rpm/redhat/mysql-common?arch=x86_64&distro=redhat-9.3 | redhat |
mysql-common
|
< 8.0.36-1.el9_3 | redhat-9.3 | x86_64 | |
| Affected | pkg:rpm/redhat/mysql-common?arch=s390x&distro=redhat-9.3 | redhat |
mysql-common
|
< 8.0.36-1.el9_3 | redhat-9.3 | s390x | |
| Affected | pkg:rpm/redhat/mysql-common?arch=ppc64le&distro=redhat-9.3 | redhat |
mysql-common
|
< 8.0.36-1.el9_3 | redhat-9.3 | ppc64le | |
| Affected | pkg:rpm/redhat/mysql-common?arch=aarch64&distro=redhat-9.3 | redhat |
mysql-common
|
< 8.0.36-1.el9_3 | redhat-9.3 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |