(RHSA-2024:2619) Moderate: rh-mysql80-mysql security update

2024-04-3016:31:20

access.redhat.com

security update

rh-mysql80-mysql

vulnerabilities

buffer overrun

unspecified vulnerability

mysql server

zstd

8.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.8%

JSON

MySQL is a multi-user, multi-threaded SQL database server. It consists of the
MySQL server daemon, mysqld, and many client programs.

The following packages have been upgraded to a later upstream version:
rh-mysql80-mysql (8.0.36)

Security fixes:

mysql: Client programs unspecified vulnerability (CVE-2023-21980, CVE-2023-22053)
mysql: InnoDB unspecified vulnerability (CVE-2023-21911, CVE-2023-22008, CVE-2023-22033, CVE-2023-22066, CVE-2023-22068, CVE-2023-22084, CVE-2023-22097, CVE-2023-22104, CVE-2023-22114)
mysql: Server : Security : Firewall unspecified vulnerability (CVE-2024-20984)
mysql: Server: Audit Plug-in unspecified vulnerability (CVE-2024-21061)
mysql: Server: Components Services unspecified vulnerability (CVE-2023-21940, CVE-2023-21947, CVE-2023-21962)
mysql: Server: DDL unspecified vulnerability (CVE-2023-21919, CVE-2023-21929, CVE-2023-21933, CVE-2023-22058, CVE-2024-20969, CVE-2024-20981)
mysql: Server: DML unspecified vulnerability (CVE-2023-21972, CVE-2023-22115, CVE-2024-20983, CVE-2024-21015, CVE-2024-21049, CVE-2024-21050, CVE-2024-21051, CVE-2024-21052, CVE-2024-21053, CVE-2024-21056)
mysql: Server: JSON unspecified vulnerability (CVE-2023-21966)
mysql: Server: Optimizer unspecified vulnerability (CVE-2023-21920, CVE-2023-21935, CVE-2023-21945, CVE-2023-21946, CVE-2023-21976, CVE-2023-21977, CVE-2023-21982, CVE-2023-22032, CVE-2023-22046, CVE-2023-22054, CVE-2023-22056, CVE-2023-22059, CVE-2023-22064, CVE-2023-22065, CVE-2023-22070, CVE-2023-22078, CVE-2023-22079, CVE-2023-22092, CVE-2023-22103, CVE-2023-22110, CVE-2023-22112, CVE-2024-20961, CVE-2024-20962, CVE-2024-20965, CVE-2024-20966, CVE-2024-20970, CVE-2024-20971, CVE-2024-20972, CVE-2024-20973, CVE-2024-20974, CVE-2024-20976, CVE-2024-20977, CVE-2024-20978, CVE-2024-20982, CVE-2024-20993, CVE-2024-21055, CVE-2024-21057)
mysql: Server: Options unspecified vulnerability (CVE-2024-20968)
mysql: Server: Partition unspecified vulnerability (CVE-2023-21953, CVE-2023-21955)
mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2023-22048)
mysql: Server: RAPID unspecified vulnerability (CVE-2024-20960)
mysql: Server: Replication unspecified vulnerability (CVE-2023-22005, CVE-2023-22007, CVE-2023-22057, CVE-2024-20967)
mysql: Server: Security: Encryption unspecified vulnerability (CVE-2023-22113, CVE-2024-20963)
mysql: Server: Security: Privileges unspecified vulnerability (CVE-2023-22038, CVE-2024-20964)
mysql: Server: UDF unspecified vulnerability (CVE-2023-22111, CVE-2024-20985)
zstd: mysql: buffer overrun in util.c (CVE-2022-4899)

OSVersionArchitecturePackageVersionFilename
RedHat7ppc64lerh-mysql80-mysql-syspaths< 8.0.36-1.el7rh-mysql80-mysql-syspaths-8.0.36-1.el7.ppc64le.rpm
RedHat7x86_64rh-mysql80-mysql-config< 8.0.36-1.el7rh-mysql80-mysql-config-8.0.36-1.el7.x86_64.rpm
RedHat7s390xrh-mysql80-mysql-devel< 8.0.36-1.el7rh-mysql80-mysql-devel-8.0.36-1.el7.s390x.rpm
RedHat7ppc64lerh-mysql80-mysql-debuginfo< 8.0.36-1.el7rh-mysql80-mysql-debuginfo-8.0.36-1.el7.ppc64le.rpm
RedHat7x86_64rh-mysql80-mysql-debuginfo< 8.0.36-1.el7rh-mysql80-mysql-debuginfo-8.0.36-1.el7.x86_64.rpm
RedHat7s390xrh-mysql80-mysql-debuginfo< 8.0.36-1.el7rh-mysql80-mysql-debuginfo-8.0.36-1.el7.s390x.rpm
RedHat7ppc64lerh-mysql80-mysql-devel< 8.0.36-1.el7rh-mysql80-mysql-devel-8.0.36-1.el7.ppc64le.rpm
RedHat7ppc64lerh-mysql80-mysql-errmsg< 8.0.36-1.el7rh-mysql80-mysql-errmsg-8.0.36-1.el7.ppc64le.rpm
RedHat7s390xrh-mysql80-mysql< 8.0.36-1.el7rh-mysql80-mysql-8.0.36-1.el7.s390x.rpm
RedHat7s390xrh-mysql80-mysql-config< 8.0.36-1.el7rh-mysql80-mysql-config-8.0.36-1.el7.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	ppc64le	rh-mysql80-mysql-syspaths	< 8.0.36-1.el7	rh-mysql80-mysql-syspaths-8.0.36-1.el7.ppc64le.rpm
RedHat	7	x86_64	rh-mysql80-mysql-config	< 8.0.36-1.el7	rh-mysql80-mysql-config-8.0.36-1.el7.x86_64.rpm
RedHat	7	s390x	rh-mysql80-mysql-devel	< 8.0.36-1.el7	rh-mysql80-mysql-devel-8.0.36-1.el7.s390x.rpm
RedHat	7	ppc64le	rh-mysql80-mysql-debuginfo	< 8.0.36-1.el7	rh-mysql80-mysql-debuginfo-8.0.36-1.el7.ppc64le.rpm
RedHat	7	x86_64	rh-mysql80-mysql-debuginfo	< 8.0.36-1.el7	rh-mysql80-mysql-debuginfo-8.0.36-1.el7.x86_64.rpm
RedHat	7	s390x	rh-mysql80-mysql-debuginfo	< 8.0.36-1.el7	rh-mysql80-mysql-debuginfo-8.0.36-1.el7.s390x.rpm
RedHat	7	ppc64le	rh-mysql80-mysql-devel	< 8.0.36-1.el7	rh-mysql80-mysql-devel-8.0.36-1.el7.ppc64le.rpm
RedHat	7	ppc64le	rh-mysql80-mysql-errmsg	< 8.0.36-1.el7	rh-mysql80-mysql-errmsg-8.0.36-1.el7.ppc64le.rpm
RedHat	7	s390x	rh-mysql80-mysql	< 8.0.36-1.el7	rh-mysql80-mysql-8.0.36-1.el7.s390x.rpm
RedHat	7	s390x	rh-mysql80-mysql-config	< 8.0.36-1.el7	rh-mysql80-mysql-config-8.0.36-1.el7.s390x.rpm