ALSA-2025:15699

[ALSA-2025:15699] Moderate: mysql-selinux and mysql8.4 security update

Type:

security

Severity:

moderate

Release date:

2025-09-12

Description:

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files.  

Security Fix(es):  

  * openssl: Timing side-channel in ECDSA signature computation (CVE-2024-13176)
  * mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)
  * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30688)
  * mysql: Stored Procedure unspecified vulnerability (CPU Apr 2025) (CVE-2025-30699)
  * mysql: UDF unspecified vulnerability (CPU Apr 2025) (CVE-2025-30721)
  * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30682)
  * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30683)
  * mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30715)
  * mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21574)
  * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21585)
  * mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21588)
  * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30681)
  * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-21577)
  * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30687)
  * mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21580)
  * mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30696)
  * mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30705)
  * mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21575)
  * mysql: Options unspecified vulnerability (CPU Apr 2025) (CVE-2025-21579)
  * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30685)
  * mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30704)
  * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21581)
  * mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30689)
  * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30695)
  * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30703)
  * mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)
  * mysql: DDL unspecified vulnerability (CPU Apr 2025) (CVE-2025-21584)
  * mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30684)
  * curl: libcurl: WebSocket endless loop (CVE-2025-5399)
  * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50092)
  * mysql: mysqldump unspecified vulnerability (CPU Jul 2025) (CVE-2025-50081)
  * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50079)
  * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50077)
  * mysql: DML unspecified vulnerability (CPU Jul 2025) (CVE-2025-50078)
  * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50091)
  * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50101)
  * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50093)
  * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50099)
  * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50085)
  * mysql: Components Services unspecified vulnerability (CPU Jul 2025) (CVE-2025-50086)
  * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50082)
  * mysql: Encryption unspecified vulnerability (CPU Jul 2025) (CVE-2025-50097)
  * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50104)
  * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50087)
  * mysql: Stored Procedure unspecified vulnerability (CPU Jul 2025) (CVE-2025-50080)
  * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50088)
  * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50083)
  * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50084)
  * mysql: Thread Pooling unspecified vulnerability (CPU Jul 2025) (CVE-2025-50100)
  * mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50094)
  * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50098)
  * mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50096)
  * mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50102)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

CVE-2024-13176
CVE-2025-21574
CVE-2025-21575
CVE-2025-21577
CVE-2025-21579
CVE-2025-21580
CVE-2025-21581
CVE-2025-21584
CVE-2025-21585
CVE-2025-21588
CVE-2025-30681
CVE-2025-30682
CVE-2025-30683
CVE-2025-30684
CVE-2025-30685
CVE-2025-30687
CVE-2025-30688
CVE-2025-30689
CVE-2025-30693
CVE-2025-30695
CVE-2025-30696
CVE-2025-30699
CVE-2025-30703
CVE-2025-30704
CVE-2025-30705
CVE-2025-30715
CVE-2025-30721
CVE-2025-30722
CVE-2025-50077
CVE-2025-50078
CVE-2025-50079
CVE-2025-50080
CVE-2025-50081
CVE-2025-50082
CVE-2025-50083
CVE-2025-50084
CVE-2025-50085
CVE-2025-50086
CVE-2025-50087
CVE-2025-50088
CVE-2025-50091
CVE-2025-50092
CVE-2025-50093
CVE-2025-50094
CVE-2025-50096
CVE-2025-50097
CVE-2025-50098
CVE-2025-50099
CVE-2025-50100
CVE-2025-50101
CVE-2025-50102
CVE-2025-50104
CVE-2025-5399
RHSA-2025:15699
ALSA-2025:15699

Updated packages listed below:

Architecture	Package	Checksum
noarch	mysql-selinux-1.0.14-1.el10_0.noarch.rpm	393b6ef07b98aba06d8d9ec311bc54f97f64c3fd2729aaa30024c7861cd21427
noarch	mysql8.4-test-data-8.4.6-2.el10_0.noarch.rpm	634743d5badee59910d831c52ccba8e9bac6ce085620109ebb3bfa7abdc106e6
noarch	mysql8.4-errmsg-8.4.6-2.el10_0.noarch.rpm	bb9511e88f0708b0c62e3ab0bad8bb2046dd777dd884dc213c6a8fcd2826bb08
noarch	mysql8.4-common-8.4.6-2.el10_0.noarch.rpm	d28d82cce2fa0c207f0c5e8a92bdda59a52bdae3c24d31c72af961bdf43f604f

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.