Lucene search

K
osvGoogleOSV:ALSA-2019:2511
HistoryAug 15, 2019 - 5:31 p.m.

Important: mysql:8.0 security update

2019-08-1517:31:05
Google
osv.dev
12
mysql 8.0
security update
server vulnerabilities
optimizer vulnerabilities
parser vulnerabilities
ps vulnerabilities
security vulnerabilities
ddl vulnerabilities
innodb vulnerabilities
cvss score
references section.

AI Score

8.1

Confidence

High

EPSS

0.005

Percentile

76.8%

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.

The following packages have been upgraded to a later upstream version: mysql (8.0.17).

Security Fix(es):

  • mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2800, CVE-2019-2436, CVE-2019-2531, CVE-2019-2534, CVE-2019-2614, CVE-2019-2617, CVE-2019-2630, CVE-2019-2634, CVE-2019-2635, CVE-2019-2755)

  • mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2420, CVE-2019-2481, CVE-2019-2507, CVE-2019-2529, CVE-2019-2530, CVE-2019-2581, CVE-2019-2596, CVE-2019-2607, CVE-2019-2625, CVE-2019-2681, CVE-2019-2685, CVE-2019-2686, CVE-2019-2687, CVE-2019-2688, CVE-2019-2689, CVE-2019-2693, CVE-2019-2694, CVE-2019-2695, CVE-2019-2757, CVE-2019-2774, CVE-2019-2796, CVE-2019-2802, CVE-2019-2803, CVE-2019-2808, CVE-2019-2810, CVE-2019-2812, CVE-2019-2815, CVE-2019-2830, CVE-2019-2834)

  • mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-2434, CVE-2019-2455, CVE-2019-2805)

  • mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2482, CVE-2019-2592)

  • mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2019-2486, CVE-2019-2532, CVE-2019-2533, CVE-2019-2584, CVE-2019-2589, CVE-2019-2606, CVE-2019-2620, CVE-2019-2627, CVE-2019-2739, CVE-2019-2778, CVE-2019-2811, CVE-2019-2789)

  • mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2494, CVE-2019-2495, CVE-2019-2537, CVE-2019-2626, CVE-2019-2644)

  • mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2502, CVE-2019-2510, CVE-2019-2580, CVE-2019-2585, CVE-2019-2593, CVE-2019-2624, CVE-2019-2628, CVE-2019-2758, CVE-2019-2785, CVE-2019-2798, CVE-2019-2879, CVE-2019-2814)

  • mysql: Server: Connection Handling unspecified vulnerability (CVE-2019-2503)

  • mysql: Server: Partition multiple unspecified vulnerabilities (CVE-2019-2528, CVE-2019-2587)

  • mysql: Server: Options multiple unspecified vulnerabilities (CVE-2019-2535, CVE-2019-2623, CVE-2019-2683, CVE-2019-2752)

  • mysql: Server: Packaging unspecified vulnerability (CVE-2019-2536)

  • mysql: Server: Connection unspecified vulnerability (CVE-2019-2539)

  • mysql: Server: Information Schema unspecified vulnerability (CVE-2019-2631)

  • mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2019-2636)

  • mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2019-2691, CVE-2019-2826)

  • mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2019-2737)

  • mysql: Server: XML unspecified vulnerability (CVE-2019-2740)

  • mysql: Server: Components / Services unspecified vulnerability (CVE-2019-2780)

  • mysql: Server: DML unspecified vulnerability (CVE-2019-2784)

  • mysql: Server: Charsets unspecified vulnerability (CVE-2019-2795)

  • mysql: Client programs unspecified vulnerability (CVE-2019-2797)

  • mysql: Server: FTS unspecified vulnerability (CVE-2019-2801)

  • mysql: Server: Security: Audit unspecified vulnerability (CVE-2019-2819)

  • mysql: Server: Compiling unspecified vulnerability (CVE-2019-2738)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References