Issued: 2024-02-20
Updated: 2024-02-20

RHSA-2024:0894 - Moderate: mysql:8.0 security update


Synopsis

Moderate: mysql:8.0 security update

Type/Severity

Security Advisory: Moderate

Topic

An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

Security Fix(es):

  • mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911)

  • mysql: Server: DDL unspecified vulnerability (CPU Apr 2023) (CVE-2023-21919, CVE-2023-21929, CVE-2023-21933)

  • mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21920, CVE-2023-21935, CVE-2023-21945, CVE-2023-21946, CVE-2023-21976, CVE-2023-21977, CVE-2023-21982)

  • mysql: Server: Components Services unspecified vulnerability (CPU Apr 2023) (CVE-2023-21940, CVE-2023-21947, CVE-2023-21962)

  • mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21953, CVE-2023-21955)

  • mysql: Server: JSON unspecified vulnerability (CPU Apr 2023) (CVE-2023-21966)

  • mysql: Server: DML unspecified vulnerability (CPU Apr 2023) (CVE-2023-21972)

  • mysql: Client programs unspecified vulnerability (CPU Apr 2023) (CVE-2023-21980)

  • mysql: Server: Replication unspecified vulnerability (CPU Jul 2023) (CVE-2023-22005, CVE-2023-22007, CVE-2023-22057)

  • mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22008)

  • mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (CVE-2023-22032, CVE-2023-22059, CVE-2023-22064, CVE-2023-22065, CVE-2023-22070, CVE-2023-22078, CVE-2023-22079, CVE-2023-22092, CVE-2023-22103, CVE-2023-22110, CVE-2023-22112)

  • mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22033)

  • mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2023) (CVE-2023-22046, CVE-2023-22054, CVE-2023-22056)

  • mysql: Client programs unspecified vulnerability (CPU Jul 2023) (CVE-2023-22053)

  • mysql: Server: DDL unspecified vulnerability (CPU Jul 2023) (CVE-2023-22058)

  • mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (CVE-2023-22066, CVE-2023-22068, CVE-2023-22084, CVE-2023-22097, CVE-2023-22104, CVE-2023-22114)

  • mysql: Server: UDF unspecified vulnerability (CPU Oct 2023) (CVE-2023-22111)

  • mysql: Server: DML unspecified vulnerability (CPU Oct 2023) (CVE-2023-22115)

  • mysql: Server: RAPID unspecified vulnerability (CPU Jan 2024) (CVE-2024-20960)

  • mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2024) (CVE-2024-20963)

  • mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2024) (CVE-2024-20964)

  • mysql: Server: Replication unspecified vulnerability (CPU Jan 2024) (CVE-2024-20967)

  • mysql: Server: Options unspecified vulnerability (CPU Jan 2024) (CVE-2024-20968)

  • mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20969)

  • mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024) (CVE-2024-20961, CVE-2024-20962, CVE-2024-20965, CVE-2024-20966, CVE-2024-20970, CVE-2024-20971, CVE-2024-20972, CVE-2024-20973, CVE-2024-20974, CVE-2024-20976, CVE-2024-20977, CVE-2024-20978, CVE-2024-20982)

  • mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20981)

  • mysql: Server: DML unspecified vulnerability (CPU Jan 2024) (CVE-2024-20983)

  • mysql: Server: Security: Firewall unspecified vulnerability (CPU Jan 2024) (CVE-2024-20984)

  • mysql: Server: UDF unspecified vulnerability (CPU Jan 2024) (CVE-2024-20985)

  • zstd: mysql: buffer overrun in util.c (CVE-2022-4899)

  • mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2023) (CVE-2023-22038)

  • mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2023) (CVE-2023-22048)

  • mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023) (CVE-2023-22113)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Fix for MySQL bug #33630199 in 8.0.32 introduces regression when --set-gtid-purged=OFF (RHEL-22452)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

Affected Products

Product | Version | Arch
Red Hat Enterprise Linux for x86_64 | 8 | x86_64
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle | 8.10 | x86_64
Red Hat Enterprise Linux for Power, little endian | 8 | ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle | 8.10 | ppc64le
Red Hat Enterprise Linux for IBM z Systems | 8 | s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle | 8.10 | s390x
Red Hat Enterprise Linux for ARM 64 | 8 | aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle | 8.10 | aarch64

Updated Packages

  • mecab-0.996-2.module+el8.9.0+21207+6c20cb3d.src.rpm
  • mecab-ipadic-2.7.0.20070801-16.module+el8.9.0+21207+6c20cb3d.src.rpm
  • mysql-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mecab-devel-0.996-2.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-server-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mecab-0.996-2.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-test-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-libs-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-devel-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-server-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-devel-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-8.0.36-1.module+el8.9.0+21207+6c20cb3d.src.rpm
  • mecab-ipadic-2.7.0.20070801-16.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-debugsource-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mecab-debugsource-0.996-2.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-common-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-errmsg-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-libs-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-test-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mecab-debuginfo-0.996-2.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mysql-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.aarch64.rpm
  • mecab-debugsource-0.996-2.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-devel-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-libs-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-server-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-test-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-test-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-server-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-debugsource-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-libs-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mecab-debuginfo-0.996-2.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-common-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mecab-0.996-2.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mecab-devel-0.996-2.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-devel-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mysql-errmsg-8.0.36-1.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mecab-ipadic-2.7.0.20070801-16.module+el8.9.0+21207+6c20cb3d.s390x.rpm
  • mecab-debugsource-0.996-2.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-errmsg-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-devel-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-server-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-server-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mecab-debuginfo-0.996-2.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-libs-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mecab-devel-0.996-2.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-test-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-common-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-devel-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mecab-ipadic-2.7.0.20070801-16.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-debugsource-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-test-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mecab-0.996-2.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mysql-libs-8.0.36-1.module+el8.9.0+21207+6c20cb3d.ppc64le.rpm
  • mecab-ipadic-2.7.0.20070801-16.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-devel-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-common-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mecab-0.996-2.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-libs-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-debugsource-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-libs-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mecab-devel-0.996-2.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-server-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-server-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-test-debuginfo-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-test-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-errmsg-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mecab-debugsource-0.996-2.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mecab-debuginfo-0.996-2.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
  • mysql-devel-8.0.36-1.module+el8.9.0+21207+6c20cb3d.x86_64.rpm
