[Security Advisory] ALSA-2024:1141: mysql security update (Moderate)
Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 9 Type: Security Severity: Moderate Release date: 2024-03-07 Summary: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Security Fix(es): * mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911) * mysql: Server: DDL unspecified vulnerability (CPU Apr 2023) (CVE-2023-21919, CVE-2023-21929, CVE-2023-21933) * mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21920, CVE-2023-21935, CVE-2023-21945, CVE-2023-21946, CVE-2023-21976, CVE-2023-21977, CVE-2023-21982) * mysql: Server: Components Services unspecified vulnerability (CPU Apr 2023) (CVE-2023-21940, CVE-2023-21947, CVE-2023-21962) * mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21953) * mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21955) * mysql: Server: JSON unspecified vulnerability (CPU Apr 2023) (CVE-2023-21966) * mysql: Server: DML unspecified vulnerability (CPU Apr 2023) (CVE-2023-21972) * mysql: Client programs unspecified vulnerability (CPU Apr 2023) (CVE-2023-21980) * mysql: Server: Replication unspecified vulnerability (CPU Jul 2023) (CVE-2023-22005, CVE-2023-22007, CVE-2023-22057) * mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22008) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (CVE-2023-22032, CVE-2023-22059, CVE-2023-22064, CVE-2023-22065, CVE-2023-22070, CVE-2023-22078, CVE-2023-22079, CVE-2023-22092, CVE-2023-22103, CVE-2023-22110, CVE-2023-22112) * mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22033) * mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2023) (CVE-2023-22046) * mysql: Client programs unspecified vulnerability (CPU Jul 2023) (CVE-2023-22053, CVE-2023-22054, CVE-2023-22056) * mysql: Server: DDL unspecified vulnerability (CPU Jul 2023) (CVE-2023-22058) * mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (CVE-2023-22066, CVE-2023-22068, CVE-2023-22084, CVE-2023-22097, CVE-2023-22104, CVE-2023-22114) * mysql: Server: UDF unspecified vulnerability (CPU Oct 2023) (CVE-2023-22111) * mysql: Server: DML unspecified vulnerability (CPU Oct 2023) (CVE-2023-22115) * mysql: Server: RAPID unspecified vulnerability (CPU Jan 2024) (CVE-2024-20960) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024) (CVE-2024-20961, CVE-2024-20962, CVE-2024-20965, CVE-2024-20966, CVE-2024-2097, CVE-2024-20971, CVE-2024-20972, CVE-2024-20973, CVE-2024-20974, CVE-2024-20976, CVE-2024-20977, CVE-2024-20978, CVE-2024-20982) * mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2024) (CVE-2024-20963) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2024) (CVE-2024-20964) * mysql: Server: Replication unspecified vulnerability (CPU Jan 2024) (CVE-2024-20967) * mysql: Server: Options unspecified vulnerability (CPU Jan 2024) (CVE-2024-20968) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20969) * mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20981) * mysql: Server: DML unspecified vulnerability (CPU Jan 2024) (CVE-2024-20983) * mysql: Server : Security : Firewall unspecified vulnerability (CPU Jan 2024) (CVE-2024-20984) * mysql: Server: UDF unspecified vulnerability (CPU Jan 2024) (CVE-2024-20985) * zstd: mysql: buffer overrun in util.c (CVE-2022-4899) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2023) (CVE-2023-22038) * mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2023) (CVE-2023-22048) * mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023) (CVE-2023-22113) Bug Fix(es): * Fix for MySQL bug #33630199 in 8.0.32 introduces regression when --set-gtid-purged=OFF (AlmaLinux-22454) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2024-1141.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team
participants (1)
-
AlmaLinux Errata Notifications