
Red Hat Enterprise Linux 9: RHSA-2022-6590 Moderate: MySQL Update

September 20, 2022
The MySQL security update for Red Hat Enterprise Linux 9 contains various improvements and corrections and is classified as moderate importance.
An update for mysql is now available for Red Hat Enterprise Linux 9.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

Summary

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.
The following packages have been upgraded to a later upstream version: mysql (8.0.30). (BZ#2122589)
Security Fix(es):
* mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479)
* mysql: Server: DML unspecified vulnerability (CPU Apr 2022) (CVE-2022-21413)
* mysql: Server: Replication unspecified vulnerability (CPU Apr 2022) (CVE-2022-21415)
* mysql: InnoDB multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21423)
* mysql: Server: DDL multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21425, CVE-2022-21444)
* mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) (CVE-2022-21427)
* mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21454)
* mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022) (CVE-2022-21455)
* mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21457)
* mysql: Server: Logging unspecified vulnerability (CPU Apr 2022) (CVE-2022-21460)
* mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21556, CVE-2022-21569)
* mysql: Server: Options unspecified vulnerability (CPU Jul 2022) (CVE-2022-21515)
* mysql: InnoDB multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21517, CVE-2022-21537, CVE-2022-21539)
* mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21522, CVE-2022-21534)
* mysql: Server: Federated unspecified vulnerability (CPU Jul 2022) (CVE-2022-21547)
* mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022) (CVE-2022-21538)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Default logrotate set to wrong log file (BZ#2122592)

References

https://access.redhat.com/security/cve/CVE-2022-21412
https://access.redhat.com/security/cve/CVE-2022-21413
https://access.redhat.com/security/cve/CVE-2022-21414
https://access.redhat.com/security/cve/CVE-2022-21415
https://access.redhat.com/security/cve/CVE-2022-21417
https://access.redhat.com/security/cve/CVE-2022-21418
https://access.redhat.com/security/cve/CVE-2022-21423
https://access.redhat.com/security/cve/CVE-2022-21425
https://access.redhat.com/security/cve/CVE-2022-21427
https://access.redhat.com/security/cve/CVE-2022-21435
https://access.redhat.com/security/cve/CVE-2022-21436
https://access.redhat.com/security/cve/CVE-2022-21437
https://access.redhat.com/security/cve/CVE-2022-21438
https://access.redhat.com/security/cve/CVE-2022-21440
https://access.redhat.com/security/cve/CVE-2022-21444
https://access.redhat.com/security/cve/CVE-2022-21451
https://access.redhat.com/security/cve/CVE-2022-21452
https://access.redhat.com/security/cve/CVE-2022-21454
https://access.redhat.com/security/cve/CVE-2022-21455
https://access.redhat.com/security/cve/CVE-2022-21457
https://access.redhat.com/security/cve/CVE-2022-21459
https://access.redhat.com/security/cve/CVE-2022-21460
https://access.redhat.com/security/cve/CVE-2022-21462

Package List

Red Hat Enterprise Linux AppStream (v. 9):
Source: mysql-8.0.30-3.el9_0.src.rpm
aarch64: mysql-8.0.30-3.el9_0.aarch64.rpm mysql-common-8.0.30-3.el9_0.aarch64.rpm mysql-debuginfo-8.0.30-3.el9_0.aarch64.rpm mysql-debugsource-8.0.30-3.el9_0.aarch64.rpm mysql-devel-debuginfo-8.0.30-3.el9_0.aarch64.rpm mysql-errmsg-8.0.30-3.el9_0.aarch64.rpm mysql-libs-debuginfo-8.0.30-3.el9_0.aarch64.rpm mysql-server-8.0.30-3.el9_0.aarch64.rpm mysql-server-debuginfo-8.0.30-3.el9_0.aarch64.rpm mysql-test-debuginfo-8.0.30-3.el9_0.aarch64.rpm
ppc64le: mysql-8.0.30-3.el9_0.ppc64le.rpm mysql-common-8.0.30-3.el9_0.ppc64le.rpm mysql-debuginfo-8.0.30-3.el9_0.ppc64le.rpm mysql-debugsource-8.0.30-3.el9_0.ppc64le.rpm mysql-devel-debuginfo-8.0.30-3.el9_0.ppc64le.rpm mysql-errmsg-8.0.30-3.el9_0.ppc64le.rpm mysql-libs-debuginfo-8.0.30-3.el9_0.ppc64le.rpm mysql-server-8.0.30-3.el9_0.ppc64le.rpm mysql-server-debuginfo-8.0.30-3.el9_0.ppc64le.rpm mysql-test-debuginfo-8.0.30-3.el9_0.ppc64le.rpm
s390x: mysql-8.0.30-3.el9_0.s390x.rpm mysql-common-8.0.30-3.el9_0.s390x.rpm mysql-debuginfo-8.0.30-3.el9_0.s390x.rpm mysql-debugsource-8.0.30-3.el9_0.s390x.rpm mysql-devel-debuginfo-8.0.30-3.el9_0.s390x.rpm mysql-errmsg-8.0.30-3.el9_0.s390x.rpm mysql-libs-debuginfo-8.0.30-3.el9_0.s390x.rpm
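
A check for whether a host still carries a pre-fix build, as an added example that is not part of the Red Hat advisory: it compares `name version-release` lines, as printed by `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'`, against the fixed build 8.0.30-3.el9_0 from the package list above. The comparison is a simplified form of rpm's segment ordering that assumes no epoch and no `~` or `^` in the strings; the function names and sample input are constructed.

```python
import re

# Fixed build taken from the advisory's package list (mysql-8.0.30-3.el9_0).
FIXED_VERSION, FIXED_RELEASE = "8.0.30", "3.el9_0"
# Binary packages named in the advisory (debuginfo/debugsource left out).
ADVISORY_PACKAGES = {"mysql", "mysql-common", "mysql-errmsg", "mysql-server"}

def _segments(s):
    # Split into runs of digits or letters; separators are ignored.
    return re.findall(r"[0-9]+|[A-Za-z]+", s)

def rpm_cmp(a, b):
    """Return -1, 0 or 1 for a < b, a == b, a > b (simplified rpm ordering:
    assumes no epoch and no '~' or '^' modifiers)."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)          # numeric segments compare as numbers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment beats letters
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def needs_update(version_release):
    """True if 'VERSION-RELEASE' is older than the advisory's fixed build."""
    version, _, release = version_release.partition("-")
    order = rpm_cmp(version, FIXED_VERSION) or rpm_cmp(release, FIXED_RELEASE)
    return order < 0

def audit(rpm_output):
    """Map each advisory package found in the listing to True if it is pre-fix."""
    findings = {}
    for line in rpm_output.strip().splitlines():
        name, version_release = line.split()
        if name in ADVISORY_PACKAGES:
            findings[name] = needs_update(version_release)
    return findings

# Constructed sample listing, not taken from a real host.
SAMPLE = """\
mysql 8.0.28-1.el9
mysql-common 8.0.28-1.el9
mysql-errmsg 8.0.30-3.el9_0
mysql-server 8.0.32-1.el9_2
bash 5.1.8-4.el9
"""

if __name__ == "__main__":
    for pkg, stale in sorted(audit(SAMPLE).items()):
        print(f"{pkg}: {'UPDATE NEEDED' if stale else 'ok'}")
```
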



Advisory ID: RHSA-2022:6590-01
Product: Red Hat Enterprise Linux
Issue date: 2022-09-20

Topic

An update for mysql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant Releases/Architectures

Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

Bugs Fixed

2082636 - CVE-2022-21412 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

2082637 - CVE-2022-21413 mysql: Server: DML unspecified vulnerability (CPU Apr 2022)

2082638 - CVE-2022-21414 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

2082639 - CVE-2022-21415 mysql: Server: Replication unspecified vulnerability (CPU Apr 2022)

2082640 - CVE-2022-21417 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)

2082641 - CVE-2022-21418 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)

2082642 - CVE-2022-21423 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)

2082643 - CVE-2022-21425 mysql: Server: DDL unspecified vulnerability (CPU Apr 2022)

2082644 - CVE-2022-21427 mysql: Server: FTS unspecified vulnerability (CPU Apr 2022)

2082645 - CVE-2022-21435 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

2082646 - CVE-2022-21436 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

2082647 - CVE-2022-21437 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

2082648 - CVE-2022-21438 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

2082649 - CVE-2022-21440 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

2082650 - CVE-2022-21444 mysql: Server: DDL unspecified vulnerability (CPU Apr 2022)

2082651 - CVE-2022-21451 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
