ALSA-2023:2621

[ALSA-2023:2621] Important: mysql security update

Type:

security

Severity:

important

Release date:

2023-05-11

Description:

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version: mysql (8.0.32). (BZ#2177731, BZ#2177732)

Security Fix(es):

* mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2023) (CVE-2023-21912)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21594)
* mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022) (CVE-2022-21599)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21604)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21608)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21611)
* mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022) (CVE-2022-21617)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21625)
* mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2022) (CVE-2022-21632)
* mysql: Server: Replication unspecified vulnerability (CPU Oct 2022) (CVE-2022-21633)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21637)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21640)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39400)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39408)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39410)
* mysql: Server: DML unspecified vulnerability (CPU Jan 2023) (CVE-2023-21836)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21863)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21864)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21865)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21867)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21868)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21869)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21870)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21871)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21873)
* mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023) (CVE-2023-21875)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21876)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21877)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21878)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21879)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21880)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21881)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21883)
* mysql: Server: GIS unspecified vulnerability (CPU Jan 2023) (CVE-2023-21887)
* mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21917)
* mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023) (CVE-2023-21874)
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21882)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

CVE-2022-21594
CVE-2022-21599
CVE-2022-21604
CVE-2022-21608
CVE-2022-21611
CVE-2022-21617
CVE-2022-21625
CVE-2022-21632
CVE-2022-21633
CVE-2022-21637
CVE-2022-21640
CVE-2022-39400
CVE-2022-39408
CVE-2022-39410
CVE-2023-21836
CVE-2023-21863
CVE-2023-21864
CVE-2023-21865
CVE-2023-21867
CVE-2023-21868
CVE-2023-21869
CVE-2023-21870
CVE-2023-21871
CVE-2023-21873
CVE-2023-21874
CVE-2023-21875
CVE-2023-21876
CVE-2023-21877
CVE-2023-21878
CVE-2023-21879
CVE-2023-21880
CVE-2023-21881
CVE-2023-21882
CVE-2023-21883
CVE-2023-21887
CVE-2023-21912
CVE-2023-21917
RHSA-2023:2621
ALSA-2023:2621

Updated packages listed below:

Architecture	Package	Checksum
aarch64	mysql-devel-8.0.32-1.el9_2.aarch64.rpm	425e7b5e2f1fac862f379a7b39422a8e6d9146e80719b3a698581b2e87550f2c
aarch64	mysql-8.0.32-1.el9_2.aarch64.rpm	47cdd1796fabd29352f60f58340cb561df794e756e285f1907789d0049657ca5
aarch64	mysql-common-8.0.32-1.el9_2.aarch64.rpm	654295fe109a9f2bb8e4cb3e43fcf71972b4c430138c46dadb930c5ea1ddaeed
aarch64	mysql-errmsg-8.0.32-1.el9_2.aarch64.rpm	6cd5d7aaa294bb79085bc2b4dfddf85158b75ac178ca7f64069786c378cf3eab
aarch64	mysql-server-8.0.32-1.el9_2.aarch64.rpm	a8af67d26b488f82b861334ff8ced0fecaf28d04c24db480667018e9668ca925
aarch64	mysql-libs-8.0.32-1.el9_2.aarch64.rpm	be1a689452d853e8ec3201eea74888fda6a14b5e6f8bcd46df96ca7c23444303
aarch64	mysql-test-8.0.32-1.el9_2.aarch64.rpm	fc2d375076303ffbbd80717d06df14188a333ba2e029b689fc02615c563d6389
ppc64le	mysql-libs-8.0.32-1.el9_2.ppc64le.rpm	11bd8e0477ca47e055e85e06df1e84acd002e5494d882980a15d4e2b56d2b725
ppc64le	mysql-common-8.0.32-1.el9_2.ppc64le.rpm	29b1db7389264f35d948e03724c4f607d1023cb2f1a5583b7926ee707afe8a2e
ppc64le	mysql-8.0.32-1.el9_2.ppc64le.rpm	35d8b009ca11a272164568ac5d3cba8f65f28ec5af284069c0ce31ed58692836
ppc64le	mysql-test-8.0.32-1.el9_2.ppc64le.rpm	92d36df02fb8dae46c2b5511689a2767193d75776784014fa2153a3067860fa9
ppc64le	mysql-server-8.0.32-1.el9_2.ppc64le.rpm	96c38339b01e8d60b2e1911051480571bd33f5b57454cd8d1745bdbb1dc4f1ca
ppc64le	mysql-devel-8.0.32-1.el9_2.ppc64le.rpm	ce538465f1628f9e53a1ea2a01b204fe92156427e2fd3eb77d56455e96fa3563
ppc64le	mysql-errmsg-8.0.32-1.el9_2.ppc64le.rpm	fdfb946826497d79c6cf25b55184ea48023ef1dfbf6a58068a61c15cbeee84f5
s390x	mysql-server-8.0.32-1.el9_2.s390x.rpm	24e0ef7336867d9923f7652b61658991f7d52ec6ee8e54a82640136c25239db3
s390x	mysql-errmsg-8.0.32-1.el9_2.s390x.rpm	56455736741baf7acec535b328a6a8ad6071217716a6888a367054766765d9ca
s390x	mysql-devel-8.0.32-1.el9_2.s390x.rpm	d38bc4c5311567218e3d39d900ce59a2c534884b4c92ec2309af4702336ad4d9
s390x	mysql-8.0.32-1.el9_2.s390x.rpm	e970646980978d5d1fd7f5b3e965288477bfe4440400d38b84048c28e716eb6b
s390x	mysql-libs-8.0.32-1.el9_2.s390x.rpm	f3904adf6d2f7933f1acd2b2a585088ecef7872d57af8b45279c9232f188b539
s390x	mysql-test-8.0.32-1.el9_2.s390x.rpm	f5fdf2255c33263e4972957b0a036ec232c9a418cc28be5373781b5dd89cab4d
s390x	mysql-common-8.0.32-1.el9_2.s390x.rpm	f8ae9c156bd94b8853e91ab370cbf25503148afe3ce1bf749397956e7034fc52
x86_64	mysql-devel-8.0.32-1.el9_2.x86_64.rpm	00cd391e36ba21bb9b05500779ed4e7ccade3190b59bf4346f91ec73ade7bb75
x86_64	mysql-errmsg-8.0.32-1.el9_2.x86_64.rpm	0cc2777dfa04f3af5db8ff1465ff13e0d29abe3ad6fc68775eb1bf46fd9a0a6d
x86_64	mysql-test-8.0.32-1.el9_2.x86_64.rpm	21ec791e89f373fd2e142e4de674aeb8db3007ae631c5b54e79eb44d7d53405f
x86_64	mysql-common-8.0.32-1.el9_2.x86_64.rpm	354b79408f967d968ca8489bed7913c7f745af5089dbcb95e22a7a197636ee57
x86_64	mysql-8.0.32-1.el9_2.x86_64.rpm	5636e40cb39b98b0f12f3658c21974f9cd839c776a071840f6cce17f77f07da7
x86_64	mysql-libs-8.0.32-1.el9_2.x86_64.rpm	920778bbdec3e371ff179143202cc81b4f50ee6f30ff1cde40c39ac2d2da5e40
x86_64	mysql-server-8.0.32-1.el9_2.x86_64.rpm	9b131cf6aa992363301e2cfaa8bfc48903ce1049ae8847eec4ab44639d94ea96

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.