You are here
Home > Preporuke > Sigurnosni nedostaci programskih paketa mysql-5.7 i mysql-8.0

Sigurnosni nedostaci programskih paketa mysql-5.7 i mysql-8.0

==========================================================================
Ubuntu Security Notice USN-4350-1
May 04, 2020

mysql-5.7, mysql-8.0 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS
– Ubuntu 19.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in MySQL.

Software Description:
– mysql-8.0: MySQL database
– mysql-5.7: MySQL database

Details:

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.80 in Ubuntu 19.10 and Ubuntu 20.04 LTS.
Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.30.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-30.html

https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-20.html

https://www.oracle.com/security-alerts/cpuapr2020.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
mysql-server-8.0 8.0.20-0ubuntu0.20.04.1

Ubuntu 19.10:
mysql-server-8.0 8.0.20-0ubuntu0.19.10.1

Ubuntu 18.04 LTS:
mysql-server-5.7 5.7.30-0ubuntu0.18.04.1

Ubuntu 16.04 LTS:
mysql-server-5.7 5.7.30-0ubuntu0.16.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/4350-1
CVE-2020-2759, CVE-2020-2760, CVE-2020-2762, CVE-2020-2763,
CVE-2020-2765, CVE-2020-2780, CVE-2020-2804, CVE-2020-2812,
CVE-2020-2892, CVE-2020-2893, CVE-2020-2895, CVE-2020-2896,
CVE-2020-2897, CVE-2020-2898, CVE-2020-2901, CVE-2020-2903,
CVE-2020-2904, CVE-2020-2921, CVE-2020-2922, CVE-2020-2923,
CVE-2020-2924, CVE-2020-2925, CVE-2020-2926, CVE-2020-2928,
CVE-2020-2930

Package Information:
https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.20-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.20-0ubuntu0.19.10.1
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.30-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.30-0ubuntu0.16.04.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl6wG4UACgkQZWnYVadE
vpMYEw/+O6ld7UdvqyRi0/0cOUR3GexQ1zRB680JCnyHjBZEiPYgb7Avvez30L9c
2MLbEQ5blOFqdvsTJ7lHQCKodYLb7m0i7mxGe2xwfKWegtVrpJKv2HRYoZEkU9+w
ZUgxjA/lEloc4h+jKC9+W5kBK/ydtCjQea4t1Wj1zN+a0oeOfaA1HrwKXyZpvyqb
ZQrYsE0qmichHfmKUDB+o00x+YuAl32sqxR0ddgcXJqxSf3NjNEk+MolG4dtNF0a
CUVcAexH0fym8lPnXPjCAk8TUwZtvZmzjMtwGJjdVZ7cj/281sRE5v8qyTsG2Uz2
d5hDLurr17159hKQINFJ0dIX55YrS5hpjEEn9Y+5XXny8xAJHMa8sGABHxf7yYyi
n43ogYNIGd3cbErxEirakfKTjqStwvytY73seAp3fGPy5ouriJZxMuZDSC6p2gcU
3lDbccp7mVjGOtg5snBq/VXin8vnJwBvw81O8Yls1v/tJDYX3isjww+NfgV6+xKz
cE6yJLG4xs074i20TLUFQXiX9u9U3h3Vd7+gFh2fhstxAEtBbtpkAcrilyIr1YUy
LXBX7C5toYIpb6TF7lLtXYB8zJrt+Hi42Aa5ciVXE6LPPw3UC9DHLJzktbYSDiIc
G/K+sRIJwzysddiGNpVhdJT2Kj9WTWfxSVgAunR5CYCxKbVA75o=
=Bhjm
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa python-typed-ast

Otkriveni su sigurnosni nedostaci u programskom paketu python-typed-ast za operacijski sustav openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju rušenje servisa. Savjetuje...

Close