[ALSA-2024:1141] Moderate: mysql security update
Type:
security
Severity:
moderate
Release date:
2024-03-07
Description:
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Security Fix(es): * mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911) * mysql: Server: DDL unspecified vulnerability (CPU Apr 2023) (CVE-2023-21919, CVE-2023-21929, CVE-2023-21933) * mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21920, CVE-2023-21935, CVE-2023-21945, CVE-2023-21946, CVE-2023-21976, CVE-2023-21977, CVE-2023-21982) * mysql: Server: Components Services unspecified vulnerability (CPU Apr 2023) (CVE-2023-21940, CVE-2023-21947, CVE-2023-21962) * mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21953) * mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21955) * mysql: Server: JSON unspecified vulnerability (CPU Apr 2023) (CVE-2023-21966) * mysql: Server: DML unspecified vulnerability (CPU Apr 2023) (CVE-2023-21972) * mysql: Client programs unspecified vulnerability (CPU Apr 2023) (CVE-2023-21980) * mysql: Server: Replication unspecified vulnerability (CPU Jul 2023) (CVE-2023-22005, CVE-2023-22007, CVE-2023-22057) * mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22008) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (CVE-2023-22032, CVE-2023-22059, CVE-2023-22064, CVE-2023-22065, CVE-2023-22070, CVE-2023-22078, CVE-2023-22079, CVE-2023-22092, CVE-2023-22103, CVE-2023-22110, CVE-2023-22112) * mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22033) * mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2023) (CVE-2023-22046) * mysql: Client programs unspecified vulnerability (CPU Jul 2023) (CVE-2023-22053, CVE-2023-22054, CVE-2023-22056) * mysql: Server: DDL unspecified vulnerability (CPU Jul 2023) (CVE-2023-22058) * mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (CVE-2023-22066, CVE-2023-22068, CVE-2023-22084, CVE-2023-22097, CVE-2023-22104, CVE-2023-22114) * mysql: Server: UDF unspecified vulnerability (CPU Oct 2023) (CVE-2023-22111) * mysql: Server: DML unspecified vulnerability (CPU Oct 2023) (CVE-2023-22115) * mysql: Server: RAPID unspecified vulnerability (CPU Jan 2024) (CVE-2024-20960) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024) (CVE-2024-20961, CVE-2024-20962, CVE-2024-20965, CVE-2024-20966, CVE-2024-2097, CVE-2024-20971, CVE-2024-20972, CVE-2024-20973, CVE-2024-20974, CVE-2024-20976, CVE-2024-20977, CVE-2024-20978, CVE-2024-20982) * mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2024) (CVE-2024-20963) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2024) (CVE-2024-20964) * mysql: Server: Replication unspecified vulnerability (CPU Jan 2024) (CVE-2024-20967) * mysql: Server: Options unspecified vulnerability (CPU Jan 2024) (CVE-2024-20968) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20969) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20981) * mysql: Server: DML unspecified vulnerability (CPU Jan 2024) (CVE-2024-20983) * mysql: Server : Security : Firewall unspecified vulnerability (CPU Jan 2024) (CVE-2024-20984) * mysql: Server: UDF unspecified vulnerability (CPU Jan 2024) (CVE-2024-20985) * zstd: mysql: buffer overrun in util.c (CVE-2022-4899) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2023) (CVE-2023-22038) * mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2023) (CVE-2023-22048) * mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023) (CVE-2023-22113) Bug Fix(es): * Fix for MySQL bug #33630199 in 8.0.32 introduces regression when --set-gtid-purged=OFF (AlmaLinux-22454) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 mysql-devel-8.0.36-1.el9_3.aarch64.rpm 2b6911fb740fb23a0eaad63e5952b39dee0a278b5f8eeafff5083b2a30fb5c90
aarch64 mysql-common-8.0.36-1.el9_3.aarch64.rpm 300c667e8b36375e3f5d8091770aa614082260894d36b8bd3db2399f57a26289
aarch64 mysql-test-8.0.36-1.el9_3.aarch64.rpm b4bf63dbb0c1e4112fabd9341bca4d4d403630b2033d823af90b068314770356
aarch64 mysql-libs-8.0.36-1.el9_3.aarch64.rpm bbbdca618b5c58e25626a29213032a9d2edb8fab2cb4f683740dd306ae3b967b
aarch64 mysql-errmsg-8.0.36-1.el9_3.aarch64.rpm ef6a5a390ac2744f4feb6255f31ad0f7859b534f8bc18d5191b8fe918747b628
aarch64 mysql-8.0.36-1.el9_3.aarch64.rpm f0209dd5221ac93ae0e108c00d3658919f0030c820c3730cad4caa9655de69e0
aarch64 mysql-server-8.0.36-1.el9_3.aarch64.rpm f93628aaa2118e1bbed91237bf5f2c3e25e7d6a73d6acebd487ed4f629bf0142
ppc64le mysql-common-8.0.36-1.el9_3.ppc64le.rpm 13f010eea6f4d37c89f30159ccf37f1fa66b1a041a30f90c93db236411bc7298
ppc64le mysql-test-8.0.36-1.el9_3.ppc64le.rpm 1e8a20e634e5686fad24e4fa8142fb2c7946f988316eb507381059c37c1f76df
ppc64le mysql-8.0.36-1.el9_3.ppc64le.rpm 92d1ae047a84a051981cbc5c610e43a175aa09154f81f1a3811252368e673d59
ppc64le mysql-server-8.0.36-1.el9_3.ppc64le.rpm 9fdd7aeae4f4ebd420e24ad2338185ae52835c44aa14a4e50f462543af3a62ea
ppc64le mysql-errmsg-8.0.36-1.el9_3.ppc64le.rpm b754dac0bff9e4164e65193e4f3d55d1521ee27b14e5b569c3478ea94f6fa1cd
ppc64le mysql-libs-8.0.36-1.el9_3.ppc64le.rpm c1d38ae98657073b1dd477b21097378b62f714c97b3c3e431a7bdd4dd5a16c5d
ppc64le mysql-devel-8.0.36-1.el9_3.ppc64le.rpm f5491231e1cf10a9fd2f64a6867b41f1bd71d7830aa4393e0e9f219f0e6db716
s390x mysql-server-8.0.36-1.el9_3.s390x.rpm 4ec390734148118ac4fbe60ad76a1c1c9310b43167e13b1ed428ecafdc5f31ef
s390x mysql-8.0.36-1.el9_3.s390x.rpm b91119edbee9832449e2a28e1770d7745ed98900f8af17dc48206465e09b2ef9
s390x mysql-test-8.0.36-1.el9_3.s390x.rpm d71878bfb56621aec3d33d39d61422e44a1425d9cd67c991be96afe2fd1449fe
s390x mysql-devel-8.0.36-1.el9_3.s390x.rpm de69222d31f8028a3b11be14bf9c4ae23c74097bbad394faa7716d2960ada8e3
s390x mysql-common-8.0.36-1.el9_3.s390x.rpm e72f9ab3320b9cba34888104ea7c87ded1bb7b5d2df9bff214dbf1ff6b6481a2
s390x mysql-errmsg-8.0.36-1.el9_3.s390x.rpm ed0515c2c91cf651c662a0a2c5b3f5f6ddcdfc26c88e90edc466cac3aa5db813
s390x mysql-libs-8.0.36-1.el9_3.s390x.rpm f5bd37517b6b9b9b46d84bb8c910769c8ed2c968b098b65a6d8eb08e3f3cce7d
x86_64 mysql-errmsg-8.0.36-1.el9_3.x86_64.rpm 0c62ced831a240b8ac4ed0574490bc4e6d5b2fd29b605aea56100fba815b55bd
x86_64 mysql-8.0.36-1.el9_3.x86_64.rpm 166321bb48670a3942b268e28136082b24fa341681644e60c3561ca4d0bc7ab9
x86_64 mysql-server-8.0.36-1.el9_3.x86_64.rpm 4a5e3fcc1af80651f2f4dc38dbcff79a8576a034b5470b9aeba6c10cba3dc85c
x86_64 mysql-test-8.0.36-1.el9_3.x86_64.rpm 53da53582b7fbb504f9a312efadadee7f3fcb972193a208d696f8ac3273ac396
x86_64 mysql-common-8.0.36-1.el9_3.x86_64.rpm 6ea43d2a89f425135439cee6edeebdc2e1d7df9b41ab7354e8a04ba60d1aee73
x86_64 mysql-devel-8.0.36-1.el9_3.x86_64.rpm cf0d9c06e61c43e038372e20e6e9bcbc9e79e2a45ed7d92eefbb82e39ec19a3c
x86_64 mysql-libs-8.0.36-1.el9_3.x86_64.rpm e72fb5f6f03b1e41c4da2370d0e499c66e8d7f5646474403f56bdeb800736b17
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.