ALSA-2023:3087

[ALSA-2023:3087] Important: mysql:8.0 security, bug fix, and enhancement update

Type:

security

Severity:

important

Release date:

2023-05-22

Description:

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version: mysql (8.0.32). (BZ#2177734, BZ#2177735, BZ#2177736)

Security Fix(es):

* mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2023) (CVE-2023-21912)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21594)
* mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022) (CVE-2022-21599)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21604)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21608)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21611)
* mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022) (CVE-2022-21617)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21625)
* mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2022) (CVE-2022-21632)
* mysql: Server: Replication unspecified vulnerability (CPU Oct 2022) (CVE-2022-21633)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21637)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21640)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39400)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39408)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39410)
* mysql: Server: DML unspecified vulnerability (CPU Jan 2023) (CVE-2023-21836)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21863)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21864)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21865)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21867)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21868)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21869)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21870)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21871)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21873)
* mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023) (CVE-2023-21875)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21876)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21877)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21878)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21879)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21880)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21881)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21883)
* mysql: Server: GIS unspecified vulnerability (CPU Jan 2023) (CVE-2023-21887)
* mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21917)
* mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023) (CVE-2023-21874)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21882)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* AlmaLinux8 AppStream and Devel channels missing mecab-devel rpm (BZ#2180411)

References:

CVE-2022-21594
CVE-2022-21599
CVE-2022-21604
CVE-2022-21608
CVE-2022-21611
CVE-2022-21617
CVE-2022-21625
CVE-2022-21632
CVE-2022-21633
CVE-2022-21637
CVE-2022-21640
CVE-2022-39400
CVE-2022-39408
CVE-2022-39410
CVE-2023-21836
CVE-2023-21863
CVE-2023-21864
CVE-2023-21865
CVE-2023-21867
CVE-2023-21868
CVE-2023-21869
CVE-2023-21870
CVE-2023-21871
CVE-2023-21873
CVE-2023-21874
CVE-2023-21875
CVE-2023-21876
CVE-2023-21877
CVE-2023-21878
CVE-2023-21879
CVE-2023-21880
CVE-2023-21881
CVE-2023-21882
CVE-2023-21883
CVE-2023-21887
CVE-2023-21912
CVE-2023-21917
RHSA-2023:3087
ALSA-2023:3087

Updated packages listed below:

Architecture	Package	Checksum
aarch64	mysql-devel-8.0.32-1.module_el8.8.0+3567+56a616e4.aarch64.rpm	1e5d057b048f96c78edb0e10a548be64759fc2693054ca46cdca68d1c2685b18
aarch64	mysql-errmsg-8.0.32-1.module_el8.8.0+3567+56a616e4.aarch64.rpm	2b04b77d8306f242c1be50f9481ea39a43e9b14bb35926fcb959c57355c61f75
aarch64	mysql-8.0.32-1.module_el8.8.0+3567+56a616e4.aarch64.rpm	2fcf26e9dddf1a8e8a90db469a52951a12b630af8ea5b6937cda2819ef04f4c5
aarch64	mysql-common-8.0.32-1.module_el8.8.0+3567+56a616e4.aarch64.rpm	4d492a3e9b15a475c3a31453f604073978fa3bd9c540b49a5cb2ac91a6c40237
aarch64	mysql-server-8.0.32-1.module_el8.8.0+3567+56a616e4.aarch64.rpm	7a4582e1dc3280713dce7c8e3674cd9f51a53b9b005f67d71e5ebc0d53921a30
aarch64	mecab-ipadic-EUCJP-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.aarch64.rpm	bfd023117a52dcf9986284c9558a973c78a257078d76983f4b01b6c739f8c0e2
aarch64	mecab-devel-0.996-2.module_el8.6.0+3340+d764b636.aarch64.rpm	c0b14c42d4982d3da9aee02be557152498892b0b4e4a2434a6881bb17e53eba3
aarch64	mysql-libs-8.0.32-1.module_el8.8.0+3567+56a616e4.aarch64.rpm	da3df9217924d21f23f09bdb3c0fe89897ab8c191a3e106edd267ac8da4a03d0
aarch64	mecab-0.996-2.module_el8.6.0+3340+d764b636.aarch64.rpm	e1c7024f127b0836925cb951490c38855bc0f97fa958be73c2b0ab72a8dcb6cc
aarch64	mysql-test-8.0.32-1.module_el8.8.0+3567+56a616e4.aarch64.rpm	facbd2fe3733efed8af5ed3198bd78a4689732a0a1031554702e4932ca1e6a23
aarch64	mecab-ipadic-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.aarch64.rpm	fc3f77b5fcaa8e4ab1f6f41fb62a85beef210a516ce6011b0e5b577ce9ab25d3
ppc64le	mysql-8.0.32-1.module_el8.8.0+3567+56a616e4.ppc64le.rpm	32467ebe0ed7d87ce1008e547a0e2b7c0a19e01f9df6a9e03e0253a4d14f5ba7
ppc64le	mysql-test-8.0.32-1.module_el8.8.0+3567+56a616e4.ppc64le.rpm	3dbd816edf572467a40c4d3f1503fbf962382aed7c395877b0f39e26f385cd35
ppc64le	mysql-errmsg-8.0.32-1.module_el8.8.0+3567+56a616e4.ppc64le.rpm	52c6259e9c5604ce8d0bfbb7e20df79a28ae7c5fee12fcdae49673a2e8693b1a
ppc64le	mecab-devel-0.996-2.module_el8.6.0+3340+d764b636.ppc64le.rpm	5f0fdccc4a6fb2dc81e10b56b0030ad609bb2a3967e798db8fd5bb8543b91cce
ppc64le	mysql-server-8.0.32-1.module_el8.8.0+3567+56a616e4.ppc64le.rpm	5fc17c6f3cef67c63fe76617360fe9fa22bef9c0bf2f87cdc90db0d180379d5e
ppc64le	mecab-ipadic-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.ppc64le.rpm	647ca52ce18fd28458d3dd5f66b2fcce7833184f043fa3825aff73b90ca98992
ppc64le	mysql-libs-8.0.32-1.module_el8.8.0+3567+56a616e4.ppc64le.rpm	6c3315e159b682b4df8d3219800e2429e4145ad900b7cc464f03b55566b01eef
ppc64le	mysql-common-8.0.32-1.module_el8.8.0+3567+56a616e4.ppc64le.rpm	73db65c9fbf91ec6074b78d298ad0e84677bacb60bc3a9a2f79df3c7a92925b6
ppc64le	mecab-ipadic-EUCJP-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.ppc64le.rpm	c4483a52848d75b301b2b8546e2225b43efbb42b9728a5d96257f8d47218d506
ppc64le	mecab-0.996-2.module_el8.6.0+3340+d764b636.ppc64le.rpm	dbce2d021f017d84496e6347e8815843d7c012e85d4da679f1ac185095f9268d
ppc64le	mysql-devel-8.0.32-1.module_el8.8.0+3567+56a616e4.ppc64le.rpm	de68aae45fc06ea3e68c437367125dc6b9b5e1cfd84f687ffbec293d12243ece
s390x	mysql-libs-8.0.32-1.module_el8.8.0+3567+56a616e4.s390x.rpm	024ca8d9d85974a4994b9dbed1b5a1afddc2bba3f3fe814c6ca20c9fa40de281
s390x	mysql-test-8.0.32-1.module_el8.8.0+3567+56a616e4.s390x.rpm	281c9389918e4b5cb462280a3e53dd98541e12b598be9d284bf5c504876942c8
s390x	mecab-ipadic-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.s390x.rpm	2ecc38dc395cc34bd5a62791f2bb828e7a3970a378a406e6c5a92945d1c69856
s390x	mysql-common-8.0.32-1.module_el8.8.0+3567+56a616e4.s390x.rpm	38b0fc57dded58222c8585fd67d80cc05f7e905988a77bf04d108064fc439fd5
s390x	mysql-errmsg-8.0.32-1.module_el8.8.0+3567+56a616e4.s390x.rpm	6e3ea59fb0341005b9994eb6ebb3933b19856c811f5420ffe4375254d58ffee5
s390x	mecab-ipadic-EUCJP-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.s390x.rpm	85ab51ff2897e18fb0fa62f38a21f7f77c1037510fcb24f6fc7f9580966833ff
s390x	mecab-devel-0.996-2.module_el8.6.0+3340+d764b636.s390x.rpm	95fbafd6a495d411511dcfabd6b0f0746e44e7a7bcc70330024e0022229ee5d3
s390x	mysql-server-8.0.32-1.module_el8.8.0+3567+56a616e4.s390x.rpm	a5cc8febcd90942577b5f53e54d6a9268bbed835ab1119f85d3b7d1baa3fa600
s390x	mecab-0.996-2.module_el8.6.0+3340+d764b636.s390x.rpm	ac9101824269dda084c450648ac939c4c8fc017d05d6f1a13bf138bda748fa52
s390x	mysql-devel-8.0.32-1.module_el8.8.0+3567+56a616e4.s390x.rpm	e0486000b4eca69303331e5997a6567cd16e9b6c4ef8b2e87fafebcff3013f9a
s390x	mysql-8.0.32-1.module_el8.8.0+3567+56a616e4.s390x.rpm	ef0a82e13d78d450ab59ccf78f24e7e6c882e2c58e62fcc20b3aa5d44adff060
x86_64	mecab-ipadic-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.x86_64.rpm	01c25f1a3512236bd73267caa3bea6476ca3a7c377c5977467aeb9f40023dbdd
x86_64	mysql-common-8.0.32-1.module_el8.8.0+3567+56a616e4.x86_64.rpm	32a86e8bab8bb52129793e2e49bca9cc7c7f36b7347dd0f8df9456e71480558e
x86_64	mysql-test-8.0.32-1.module_el8.8.0+3567+56a616e4.x86_64.rpm	4de63b105b715d895f44eef9b6d20df8112510b45ff24f043b1137ef40cf833f
x86_64	mysql-errmsg-8.0.32-1.module_el8.8.0+3567+56a616e4.x86_64.rpm	50f5ab5c8f31a533b6396b9fda72bbf923236debff661c88d0140154780d4751
x86_64	mysql-devel-8.0.32-1.module_el8.8.0+3567+56a616e4.x86_64.rpm	7ca639d0d2ed0ae8534dfe2efa21dcea2682abf550439ea4a8c21ab162aa5f10
x86_64	mysql-libs-8.0.32-1.module_el8.8.0+3567+56a616e4.x86_64.rpm	9436372c2c95c32b9c7108d32f53db4d213281d3cbd314dee67bb6e41cf5e5c9
x86_64	mecab-0.996-2.module_el8.6.0+3340+d764b636.x86_64.rpm	ad92d845da106629c38f53bf00066da345d350ac0d997f8b0ab94651b56637de
x86_64	mysql-server-8.0.32-1.module_el8.8.0+3567+56a616e4.x86_64.rpm	d641be7443e19341491ecf88cd12630468d20cbb2766fcef32ca6fc329df3183
x86_64	mysql-8.0.32-1.module_el8.8.0+3567+56a616e4.x86_64.rpm	e1351b2f14acf82c8e3537c53af7219d224ae1c15ad14a4ff2bb4f7003ea61e0
x86_64	mecab-devel-0.996-2.module_el8.6.0+3340+d764b636.x86_64.rpm	e621458cd621eb4c60bf22745f688aa1016072241506d301ed4fc5dba4dfd764
x86_64	mecab-ipadic-EUCJP-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.x86_64.rpm	f6da46b9d0e7500a200617a7e0c49f0c88237403ee64287503a0beea96719a3a

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.