—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: mysql:8.0 security update
Advisory ID: RHSA-2020:3757-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3757
Issue date: 2020-09-15
CVE Names: CVE-2019-2911 CVE-2019-2914 CVE-2019-2938
CVE-2019-2946 CVE-2019-2957 CVE-2019-2960
CVE-2019-2963 CVE-2019-2966 CVE-2019-2967
CVE-2019-2968 CVE-2019-2974 CVE-2019-2982
CVE-2019-2991 CVE-2019-2993 CVE-2019-2997
CVE-2019-2998 CVE-2019-3004 CVE-2019-3009
CVE-2019-3011 CVE-2019-3018 CVE-2020-2570
CVE-2020-2573 CVE-2020-2574 CVE-2020-2577
CVE-2020-2579 CVE-2020-2580 CVE-2020-2584
CVE-2020-2588 CVE-2020-2589 CVE-2020-2627
CVE-2020-2660 CVE-2020-2679 CVE-2020-2686
CVE-2020-2694 CVE-2020-2752 CVE-2020-2759
CVE-2020-2760 CVE-2020-2761 CVE-2020-2762
CVE-2020-2763 CVE-2020-2765 CVE-2020-2770
CVE-2020-2774 CVE-2020-2779 CVE-2020-2780
CVE-2020-2804 CVE-2020-2812 CVE-2020-2814
CVE-2020-2853 CVE-2020-2892 CVE-2020-2893
CVE-2020-2895 CVE-2020-2896 CVE-2020-2897
CVE-2020-2898 CVE-2020-2901 CVE-2020-2903
CVE-2020-2904 CVE-2020-2921 CVE-2020-2922
CVE-2020-2923 CVE-2020-2924 CVE-2020-2925
CVE-2020-2926 CVE-2020-2928 CVE-2020-2930
CVE-2020-14539 CVE-2020-14540 CVE-2020-14547
CVE-2020-14550 CVE-2020-14553 CVE-2020-14559
CVE-2020-14567 CVE-2020-14568 CVE-2020-14575
CVE-2020-14576 CVE-2020-14586 CVE-2020-14597
CVE-2020-14614 CVE-2020-14619 CVE-2020-14620
CVE-2020-14623 CVE-2020-14624 CVE-2020-14631
CVE-2020-14632 CVE-2020-14633 CVE-2020-14634
CVE-2020-14641 CVE-2020-14643 CVE-2020-14651
CVE-2020-14654 CVE-2020-14656 CVE-2020-14663
CVE-2020-14678 CVE-2020-14680 CVE-2020-14697
CVE-2020-14702 CVE-2020-14725
=====================================================================
1. Summary:
An update for the mysql:8.0 module is now available for Red Hat Enterprise
Linux 8.1 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream EUS (v. 8.1) – aarch64, ppc64le, s390x, x86_64
3. Description:
MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.
The following packages have been upgraded to a later upstream version:
mysql (8.0.21).
Security Fix(es):
* mysql: Server: Security: Privileges multiple unspecified vulnerabilities
(CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761,
CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586,
CVE-2020-14702)
* mysql: Server: Security: Encryption multiple unspecified vulnerabilities
(CVE-2019-2914, CVE-2019-2957)
* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938,
CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589,
CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895,
CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634)
* mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946,
CVE-2020-2925)
* mysql: Server: Replication multiple unspecified vulnerabilities
(CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567)
* mysql: Server: Optimizer multiple unspecified vulnerabilities
(CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991,
CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686,
CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904,
CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539,
CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654,
CVE-2020-14680, CVE-2020-14725)
* mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993,
CVE-2019-3011)
* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997,
CVE-2020-2580)
* mysql: Server: Parser multiple unspecified vulnerabilities
(CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619)
* mysql: Server: Connection unspecified vulnerability (CVE-2019-3009)
* mysql: Server: Options multiple unspecified vulnerabilities
(CVE-2020-2584, CVE-2020-14632)
* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588,
CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620)
* mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752,
CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574)
* mysql: Server: Logging unspecified vulnerability (CVE-2020-2770)
* mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804)
* mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812)
* mysql: Server: Information Schema multiple unspecified vulnerabilities
(CVE-2020-2896, CVE-2020-14559, CVE-2020-2694)
* mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898)
* mysql: Server: Connection Handling unspecified vulnerability
(CVE-2020-2903)
* mysql: Server: Group Replication Plugin unspecified vulnerability
(CVE-2020-2921)
* mysql: Server: Group Replication GCS unspecified vulnerability
(CVE-2020-2926)
* mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553)
* mysql: Server: UDF unspecified vulnerability (CVE-2020-14576)
* mysql: Server: JSON unspecified vulnerability (CVE-2020-14624)
* mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631)
* mysql: Server: Security: Roles multiple unspecified vulnerabilities
(CVE-2020-14641, CVE-2020-14643, CVE-2020-14651)
* mysql: Server: Locking unspecified vulnerability (CVE-2020-14656)
* mysql: Information Schema unspecified vulnerability (CVE-2019-2911)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be
restarted automatically.
5. Bugs fixed (https://bugzilla.redhat.com/):
1764675 – CVE-2019-2911 mysql: Information Schema unspecified vulnerability (CPU Oct 2019)
1764676 – CVE-2019-2914 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)
1764680 – CVE-2019-2938 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764681 – CVE-2019-2946 mysql: Server: PS unspecified vulnerability (CPU Oct 2019)
1764684 – CVE-2019-2957 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)
1764685 – CVE-2019-2960 mysql: Server: Replication unspecified vulnerability (CPU Oct 2019)
1764686 – CVE-2019-2963 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764687 – CVE-2019-2966 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764688 – CVE-2019-2967 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764689 – CVE-2019-2968 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764691 – CVE-2019-2974 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764692 – CVE-2019-2982 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764693 – CVE-2019-2991 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764694 – CVE-2019-2993 mysql: Server: C API unspecified vulnerability (CPU Oct 2019)
1764695 – CVE-2019-2997 mysql: Server: DDL unspecified vulnerability (CPU Oct 2019)
1764696 – CVE-2019-2998 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764698 – CVE-2019-3004 mysql: Server: Parser unspecified vulnerability (CPU Oct 2019)
1764699 – CVE-2019-3009 mysql: Server: Connection unspecified vulnerability (CPU Oct 2019)
1764700 – CVE-2019-3011 mysql: Server: C API unspecified vulnerability (CPU Oct 2019)
1764701 – CVE-2019-3018 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1796880 – CVE-2020-2577 mysql: InnoDB unspecified vulnerability (CPU Jan 2020)
1796881 – CVE-2020-2579 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796882 – CVE-2020-2580 mysql: Server: DDL unspecified vulnerability (CPU Jan 2020)
1796883 – CVE-2020-2584 mysql: Server: Options unspecified vulnerability (CPU Jan 2020)
1796884 – CVE-2020-2588 mysql: Server: DML unspecified vulnerability (CPU Jan 2020)
1796885 – CVE-2020-2589 mysql: InnoDB unspecified vulnerability (CPU Jan 2020)
1796886 – CVE-2020-2660 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796887 – CVE-2020-2679 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796888 – CVE-2020-2686 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796889 – CVE-2020-2694 mysql: Server: Information Schema unspecified vulnerability (CPU Jan 2020)
1796905 – CVE-2020-2627 mysql: Server: Parser unspecified vulnerability (CPU Jan 2020)
1798559 – CVE-2020-2570 mysql: C API unspecified vulnerability (CPU Jan 2020)
1798576 – CVE-2020-2573 mysql: C API unspecified vulnerability (CPU Jan 2020)
1798587 – CVE-2020-2574 mysql: C API unspecified vulnerability (CPU Jan 2020)
1830048 – CVE-2020-2759 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)
1830049 – CVE-2020-2761 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830050 – CVE-2020-2762 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830051 – CVE-2020-2763 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)
1830052 – CVE-2020-2765 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830053 – CVE-2020-2770 mysql: Server: Logging unspecified vulnerability (CPU Apr 2020)
1830054 – CVE-2020-2774 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830055 – CVE-2020-2779 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830056 – CVE-2020-2780 mysql: Server: DML unspecified vulnerability (CPU Apr 2020)
1830058 – CVE-2020-2804 mysql: Server: Memcached unspecified vulnerability (CPU Apr 2020)
1830059 – CVE-2020-2812 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020)
1830060 – CVE-2020-2814 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830061 – CVE-2020-2853 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830062 – CVE-2020-2892 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830064 – CVE-2020-2893 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830066 – CVE-2020-2895 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830067 – CVE-2020-2896 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2020)
1830068 – CVE-2020-2897 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830069 – CVE-2020-2898 mysql: Server: Charsets unspecified vulnerability (CPU Apr 2020)
1830070 – CVE-2020-2901 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830071 – CVE-2020-2903 mysql: Server: Connection Handling unspecified vulnerability (CPU Apr 2020)
1830072 – CVE-2020-2904 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830073 – CVE-2020-2921 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2020)
1830074 – CVE-2020-2923 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830075 – CVE-2020-2924 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830076 – CVE-2020-2925 mysql: Server: PS unspecified vulnerability (CPU Apr 2020)
1830077 – CVE-2020-2926 mysql: Server: Group Replication GCS unspecified vulnerability (CPU Apr 2020)
1830078 – CVE-2020-2928 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830079 – CVE-2020-2930 mysql: Server: Parser unspecified vulnerability (CPU Apr 2020)
1830082 – CVE-2020-2760 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1835849 – CVE-2020-2752 mysql: C API unspecified vulnerability (CPU Apr 2020)
1835850 – CVE-2020-2922 mysql: C API unspecified vulnerability (CPU Apr 2020)
1865945 – CVE-2020-14539 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865947 – CVE-2020-14540 mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
1865948 – CVE-2020-14547 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865949 – CVE-2020-14550 mysql: C API unspecified vulnerability (CPU Jul 2020)
1865950 – CVE-2020-14553 mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2020)
1865951 – CVE-2020-14559 mysql: Server: Information Schema unspecified vulnerability (CPU Jul 2020)
1865952 – CVE-2020-14567 mysql: Server: Replication unspecified vulnerability (CPU Jul 2020)
1865953 – CVE-2020-14568 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865954 – CVE-2020-14575 mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
1865955 – CVE-2020-14576 mysql: Server: UDF unspecified vulnerability (CPU Jul 2020)
1865956 – CVE-2020-14586 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865958 – CVE-2020-14597 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865959 – CVE-2020-14614 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865960 – CVE-2020-14619 mysql: Server: Parser unspecified vulnerability (CPU Jul 2020)
1865961 – CVE-2020-14620 mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
1865962 – CVE-2020-14623 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865963 – CVE-2020-14624 mysql: Server: JSON unspecified vulnerability (CPU Jul 2020)
1865964 – CVE-2020-14631 mysql: Server: Security: Audit unspecified vulnerability (CPU Jul 2020)
1865965 – CVE-2020-14632 mysql: Server: Options unspecified vulnerability (CPU Jul 2020)
1865966 – CVE-2020-14633 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865967 – CVE-2020-14634 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865968 – CVE-2020-14641 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
1865969 – CVE-2020-14643 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
1865970 – CVE-2020-14654 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865971 – CVE-2020-14656 mysql: Server: Locking unspecified vulnerability (CPU Jul 2020)
1865972 – CVE-2020-14663 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865973 – CVE-2020-14678 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865974 – CVE-2020-14680 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865975 – CVE-2020-14697 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865976 – CVE-2020-14702 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865977 – CVE-2020-14725 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865982 – CVE-2020-14651 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
1874042 – Module stream mysql:8.0 does not have correct module.md file [rhel-8.1.0.z]
6. Package List:
Red Hat Enterprise Linux AppStream EUS (v. 8.1):
Source:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.src.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.src.rpm
mysql-8.0.21-1.module+el8.1.0+7854+62e1520f.src.rpm
aarch64:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm
mysql-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-common-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-debugsource-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-devel-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-errmsg-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-libs-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-server-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-test-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.aarch64.rpm
ppc64le:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm
mysql-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-common-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-debugsource-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-devel-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-errmsg-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-libs-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-server-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-test-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.ppc64le.rpm
s390x:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm
mysql-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-common-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-debugsource-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-devel-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-errmsg-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-libs-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-server-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-test-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.s390x.rpm
x86_64:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm
mysql-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-common-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-debugsource-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-devel-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-errmsg-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-libs-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-server-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-test-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.1.0+7854+62e1520f.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-2911
https://access.redhat.com/security/cve/CVE-2019-2914
https://access.redhat.com/security/cve/CVE-2019-2938
https://access.redhat.com/security/cve/CVE-2019-2946
https://access.redhat.com/security/cve/CVE-2019-2957
https://access.redhat.com/security/cve/CVE-2019-2960
https://access.redhat.com/security/cve/CVE-2019-2963
https://access.redhat.com/security/cve/CVE-2019-2966
https://access.redhat.com/security/cve/CVE-2019-2967
https://access.redhat.com/security/cve/CVE-2019-2968
https://access.redhat.com/security/cve/CVE-2019-2974
https://access.redhat.com/security/cve/CVE-2019-2982
https://access.redhat.com/security/cve/CVE-2019-2991
https://access.redhat.com/security/cve/CVE-2019-2993
https://access.redhat.com/security/cve/CVE-2019-2997
https://access.redhat.com/security/cve/CVE-2019-2998
https://access.redhat.com/security/cve/CVE-2019-3004
https://access.redhat.com/security/cve/CVE-2019-3009
https://access.redhat.com/security/cve/CVE-2019-3011
https://access.redhat.com/security/cve/CVE-2019-3018
https://access.redhat.com/security/cve/CVE-2020-2570
https://access.redhat.com/security/cve/CVE-2020-2573
https://access.redhat.com/security/cve/CVE-2020-2574
https://access.redhat.com/security/cve/CVE-2020-2577
https://access.redhat.com/security/cve/CVE-2020-2579
https://access.redhat.com/security/cve/CVE-2020-2580
https://access.redhat.com/security/cve/CVE-2020-2584
https://access.redhat.com/security/cve/CVE-2020-2588
https://access.redhat.com/security/cve/CVE-2020-2589
https://access.redhat.com/security/cve/CVE-2020-2627
https://access.redhat.com/security/cve/CVE-2020-2660
https://access.redhat.com/security/cve/CVE-2020-2679
https://access.redhat.com/security/cve/CVE-2020-2686
https://access.redhat.com/security/cve/CVE-2020-2694
https://access.redhat.com/security/cve/CVE-2020-2752
https://access.redhat.com/security/cve/CVE-2020-2759
https://access.redhat.com/security/cve/CVE-2020-2760
https://access.redhat.com/security/cve/CVE-2020-2761
https://access.redhat.com/security/cve/CVE-2020-2762
https://access.redhat.com/security/cve/CVE-2020-2763
https://access.redhat.com/security/cve/CVE-2020-2765
https://access.redhat.com/security/cve/CVE-2020-2770
https://access.redhat.com/security/cve/CVE-2020-2774
https://access.redhat.com/security/cve/CVE-2020-2779
https://access.redhat.com/security/cve/CVE-2020-2780
https://access.redhat.com/security/cve/CVE-2020-2804
https://access.redhat.com/security/cve/CVE-2020-2812
https://access.redhat.com/security/cve/CVE-2020-2814
https://access.redhat.com/security/cve/CVE-2020-2853
https://access.redhat.com/security/cve/CVE-2020-2892
https://access.redhat.com/security/cve/CVE-2020-2893
https://access.redhat.com/security/cve/CVE-2020-2895
https://access.redhat.com/security/cve/CVE-2020-2896
https://access.redhat.com/security/cve/CVE-2020-2897
https://access.redhat.com/security/cve/CVE-2020-2898
https://access.redhat.com/security/cve/CVE-2020-2901
https://access.redhat.com/security/cve/CVE-2020-2903
https://access.redhat.com/security/cve/CVE-2020-2904
https://access.redhat.com/security/cve/CVE-2020-2921
https://access.redhat.com/security/cve/CVE-2020-2922
https://access.redhat.com/security/cve/CVE-2020-2923
https://access.redhat.com/security/cve/CVE-2020-2924
https://access.redhat.com/security/cve/CVE-2020-2925
https://access.redhat.com/security/cve/CVE-2020-2926
https://access.redhat.com/security/cve/CVE-2020-2928
https://access.redhat.com/security/cve/CVE-2020-2930
https://access.redhat.com/security/cve/CVE-2020-14539
https://access.redhat.com/security/cve/CVE-2020-14540
https://access.redhat.com/security/cve/CVE-2020-14547
https://access.redhat.com/security/cve/CVE-2020-14550
https://access.redhat.com/security/cve/CVE-2020-14553
https://access.redhat.com/security/cve/CVE-2020-14559
https://access.redhat.com/security/cve/CVE-2020-14567
https://access.redhat.com/security/cve/CVE-2020-14568
https://access.redhat.com/security/cve/CVE-2020-14575
https://access.redhat.com/security/cve/CVE-2020-14576
https://access.redhat.com/security/cve/CVE-2020-14586
https://access.redhat.com/security/cve/CVE-2020-14597
https://access.redhat.com/security/cve/CVE-2020-14614
https://access.redhat.com/security/cve/CVE-2020-14619
https://access.redhat.com/security/cve/CVE-2020-14620
https://access.redhat.com/security/cve/CVE-2020-14623
https://access.redhat.com/security/cve/CVE-2020-14624
https://access.redhat.com/security/cve/CVE-2020-14631
https://access.redhat.com/security/cve/CVE-2020-14632
https://access.redhat.com/security/cve/CVE-2020-14633
https://access.redhat.com/security/cve/CVE-2020-14634
https://access.redhat.com/security/cve/CVE-2020-14641
https://access.redhat.com/security/cve/CVE-2020-14643
https://access.redhat.com/security/cve/CVE-2020-14651
https://access.redhat.com/security/cve/CVE-2020-14654
https://access.redhat.com/security/cve/CVE-2020-14656
https://access.redhat.com/security/cve/CVE-2020-14663
https://access.redhat.com/security/cve/CVE-2020-14678
https://access.redhat.com/security/cve/CVE-2020-14680
https://access.redhat.com/security/cve/CVE-2020-14697
https://access.redhat.com/security/cve/CVE-2020-14702
https://access.redhat.com/security/cve/CVE-2020-14725
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
iQIVAwUBX2EHwtzjgjWX9erEAQjz4BAAmKZy2aeEnyWNj92CaJBvaR07suMgv5yH
qBzyewxUIrsZ6coInVn6UygN07S2RCT0gcuRaXh6wj849t7Pp0FEMqwtQa3eGhEx
hDYR4IPCFWHRseM8SgFsJ5mbqnr3HtW38DQfaHFvnge7Ho6AW74ddg7e7H5NUjzj
pWowVEY5S2qu8hIYWM8UCO4AnsRaAlZ2NGtz3M4Rqw9ncHK4U4SlIWvKQ52nnist
saCkxxvCK9NEAgozcsUXO3WGjBvp95JFLJ7Jdy0WYVeV92yKvTRQAOt8mCtCrrjU
iea+u9EoaIIRd6PBI3Fa7U2EoZmEEKC6PKMRoV9XYx5mMZGHj9Voom6j3iNQ1ANe
k5t4NQB04gK6hpIYptCzBo4QbvnoH7uL+DJIiS0AzrisnSLNbeFbV4j/ocNSZc3i
L0d9ZdMJFqnzogPn2OZbUCzifoGBZ11Sbo6jllqkSUQqj66DO9fdfQrirHlQE3yA
rH4oAjjY9Uu6EYmJ/XKBiQZ+6iNhwFaIEfNukYT/nt4qytMzAqS3I8K36gr3B3hy
OoqsxGikEiefMa4HGjxFVonaseshlIfchBpLkA/ocVTJQ0sPP6bUhgw5/kfLX+WE
VM/oi9y0qdwT56YSIk2ijx7UXPwr1z6iO5gdqagQC+uNrkzTTUKsQPH7LfKdYsak
iK1A8/+AZQc=
=nYTz
—–END PGP SIGNATURE—–
—
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: mysql:8.0 security update
Advisory ID: RHSA-2020:3755-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3755
Issue date: 2020-09-15
CVE Names: CVE-2019-2911 CVE-2019-2914 CVE-2019-2938
CVE-2019-2946 CVE-2019-2957 CVE-2019-2960
CVE-2019-2963 CVE-2019-2966 CVE-2019-2967
CVE-2019-2968 CVE-2019-2974 CVE-2019-2982
CVE-2019-2991 CVE-2019-2993 CVE-2019-2997
CVE-2019-2998 CVE-2019-3004 CVE-2019-3009
CVE-2019-3011 CVE-2019-3018 CVE-2020-2570
CVE-2020-2573 CVE-2020-2574 CVE-2020-2577
CVE-2020-2579 CVE-2020-2580 CVE-2020-2584
CVE-2020-2588 CVE-2020-2589 CVE-2020-2627
CVE-2020-2660 CVE-2020-2679 CVE-2020-2686
CVE-2020-2694 CVE-2020-2752 CVE-2020-2759
CVE-2020-2760 CVE-2020-2761 CVE-2020-2762
CVE-2020-2763 CVE-2020-2765 CVE-2020-2770
CVE-2020-2774 CVE-2020-2779 CVE-2020-2780
CVE-2020-2804 CVE-2020-2812 CVE-2020-2814
CVE-2020-2853 CVE-2020-2892 CVE-2020-2893
CVE-2020-2895 CVE-2020-2896 CVE-2020-2897
CVE-2020-2898 CVE-2020-2901 CVE-2020-2903
CVE-2020-2904 CVE-2020-2921 CVE-2020-2922
CVE-2020-2923 CVE-2020-2924 CVE-2020-2925
CVE-2020-2926 CVE-2020-2928 CVE-2020-2930
CVE-2020-14539 CVE-2020-14540 CVE-2020-14547
CVE-2020-14550 CVE-2020-14553 CVE-2020-14559
CVE-2020-14567 CVE-2020-14568 CVE-2020-14575
CVE-2020-14576 CVE-2020-14586 CVE-2020-14597
CVE-2020-14614 CVE-2020-14619 CVE-2020-14620
CVE-2020-14623 CVE-2020-14624 CVE-2020-14631
CVE-2020-14632 CVE-2020-14633 CVE-2020-14634
CVE-2020-14641 CVE-2020-14643 CVE-2020-14651
CVE-2020-14654 CVE-2020-14656 CVE-2020-14663
CVE-2020-14678 CVE-2020-14680 CVE-2020-14697
CVE-2020-14702 CVE-2020-14725
=====================================================================
1. Summary:
An update for the mysql:8.0 module is now available for Red Hat Enterprise
Linux 8.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream E4S (v. 8.0) – aarch64, ppc64le, s390x, x86_64
3. Description:
MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.
The following packages have been upgraded to a later upstream version:
mysql (8.0.21).
Security Fix(es):
* mysql: Server: Security: Privileges multiple unspecified vulnerabilities
(CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761,
CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586,
CVE-2020-14702)
* mysql: Server: Security: Encryption multiple unspecified vulnerabilities
(CVE-2019-2914, CVE-2019-2957)
* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938,
CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589,
CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895,
CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634)
* mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946,
CVE-2020-2925)
* mysql: Server: Replication multiple unspecified vulnerabilities
(CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567)
* mysql: Server: Optimizer multiple unspecified vulnerabilities
(CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991,
CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686,
CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904,
CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539,
CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654,
CVE-2020-14680, CVE-2020-14725)
* mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993,
CVE-2019-3011)
* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997,
CVE-2020-2580)
* mysql: Server: Parser multiple unspecified vulnerabilities
(CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619)
* mysql: Server: Connection unspecified vulnerability (CVE-2019-3009)
* mysql: Server: Options multiple unspecified vulnerabilities
(CVE-2020-2584, CVE-2020-14632)
* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588,
CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620)
* mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752,
CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574)
* mysql: Server: Logging unspecified vulnerability (CVE-2020-2770)
* mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804)
* mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812)
* mysql: Server: Information Schema multiple unspecified vulnerabilities
(CVE-2020-2896, CVE-2020-14559, CVE-2020-2694)
* mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898)
* mysql: Server: Connection Handling unspecified vulnerability
(CVE-2020-2903)
* mysql: Server: Group Replication Plugin unspecified vulnerability
(CVE-2020-2921)
* mysql: Server: Group Replication GCS unspecified vulnerability
(CVE-2020-2926)
* mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553)
* mysql: Server: UDF unspecified vulnerability (CVE-2020-14576)
* mysql: Server: JSON unspecified vulnerability (CVE-2020-14624)
* mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631)
* mysql: Server: Security: Roles multiple unspecified vulnerabilities
(CVE-2020-14641, CVE-2020-14643, CVE-2020-14651)
* mysql: Server: Locking unspecified vulnerability (CVE-2020-14656)
* mysql: Information Schema unspecified vulnerability (CVE-2019-2911)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be
restarted automatically.
5. Bugs fixed (https://bugzilla.redhat.com/):
1764675 – CVE-2019-2911 mysql: Information Schema unspecified vulnerability (CPU Oct 2019)
1764676 – CVE-2019-2914 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)
1764680 – CVE-2019-2938 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764681 – CVE-2019-2946 mysql: Server: PS unspecified vulnerability (CPU Oct 2019)
1764684 – CVE-2019-2957 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)
1764685 – CVE-2019-2960 mysql: Server: Replication unspecified vulnerability (CPU Oct 2019)
1764686 – CVE-2019-2963 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764687 – CVE-2019-2966 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764688 – CVE-2019-2967 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764689 – CVE-2019-2968 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764691 – CVE-2019-2974 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764692 – CVE-2019-2982 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764693 – CVE-2019-2991 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764694 – CVE-2019-2993 mysql: Server: C API unspecified vulnerability (CPU Oct 2019)
1764695 – CVE-2019-2997 mysql: Server: DDL unspecified vulnerability (CPU Oct 2019)
1764696 – CVE-2019-2998 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764698 – CVE-2019-3004 mysql: Server: Parser unspecified vulnerability (CPU Oct 2019)
1764699 – CVE-2019-3009 mysql: Server: Connection unspecified vulnerability (CPU Oct 2019)
1764700 – CVE-2019-3011 mysql: Server: C API unspecified vulnerability (CPU Oct 2019)
1764701 – CVE-2019-3018 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1796880 – CVE-2020-2577 mysql: InnoDB unspecified vulnerability (CPU Jan 2020)
1796881 – CVE-2020-2579 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796882 – CVE-2020-2580 mysql: Server: DDL unspecified vulnerability (CPU Jan 2020)
1796883 – CVE-2020-2584 mysql: Server: Options unspecified vulnerability (CPU Jan 2020)
1796884 – CVE-2020-2588 mysql: Server: DML unspecified vulnerability (CPU Jan 2020)
1796885 – CVE-2020-2589 mysql: InnoDB unspecified vulnerability (CPU Jan 2020)
1796886 – CVE-2020-2660 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796887 – CVE-2020-2679 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796888 – CVE-2020-2686 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796889 – CVE-2020-2694 mysql: Server: Information Schema unspecified vulnerability (CPU Jan 2020)
1796905 – CVE-2020-2627 mysql: Server: Parser unspecified vulnerability (CPU Jan 2020)
1798559 – CVE-2020-2570 mysql: C API unspecified vulnerability (CPU Jan 2020)
1798576 – CVE-2020-2573 mysql: C API unspecified vulnerability (CPU Jan 2020)
1798587 – CVE-2020-2574 mysql: C API unspecified vulnerability (CPU Jan 2020)
1830048 – CVE-2020-2759 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)
1830049 – CVE-2020-2761 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830050 – CVE-2020-2762 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830051 – CVE-2020-2763 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)
1830052 – CVE-2020-2765 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830053 – CVE-2020-2770 mysql: Server: Logging unspecified vulnerability (CPU Apr 2020)
1830054 – CVE-2020-2774 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830055 – CVE-2020-2779 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830056 – CVE-2020-2780 mysql: Server: DML unspecified vulnerability (CPU Apr 2020)
1830058 – CVE-2020-2804 mysql: Server: Memcached unspecified vulnerability (CPU Apr 2020)
1830059 – CVE-2020-2812 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020)
1830060 – CVE-2020-2814 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830061 – CVE-2020-2853 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830062 – CVE-2020-2892 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830064 – CVE-2020-2893 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830066 – CVE-2020-2895 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830067 – CVE-2020-2896 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2020)
1830068 – CVE-2020-2897 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830069 – CVE-2020-2898 mysql: Server: Charsets unspecified vulnerability (CPU Apr 2020)
1830070 – CVE-2020-2901 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830071 – CVE-2020-2903 mysql: Server: Connection Handling unspecified vulnerability (CPU Apr 2020)
1830072 – CVE-2020-2904 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830073 – CVE-2020-2921 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2020)
1830074 – CVE-2020-2923 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830075 – CVE-2020-2924 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830076 – CVE-2020-2925 mysql: Server: PS unspecified vulnerability (CPU Apr 2020)
1830077 – CVE-2020-2926 mysql: Server: Group Replication GCS unspecified vulnerability (CPU Apr 2020)
1830078 – CVE-2020-2928 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830079 – CVE-2020-2930 mysql: Server: Parser unspecified vulnerability (CPU Apr 2020)
1830082 – CVE-2020-2760 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1835849 – CVE-2020-2752 mysql: C API unspecified vulnerability (CPU Apr 2020)
1835850 – CVE-2020-2922 mysql: C API unspecified vulnerability (CPU Apr 2020)
1865945 – CVE-2020-14539 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865947 – CVE-2020-14540 mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
1865948 – CVE-2020-14547 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865949 – CVE-2020-14550 mysql: C API unspecified vulnerability (CPU Jul 2020)
1865950 – CVE-2020-14553 mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2020)
1865951 – CVE-2020-14559 mysql: Server: Information Schema unspecified vulnerability (CPU Jul 2020)
1865952 – CVE-2020-14567 mysql: Server: Replication unspecified vulnerability (CPU Jul 2020)
1865953 – CVE-2020-14568 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865954 – CVE-2020-14575 mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
1865955 – CVE-2020-14576 mysql: Server: UDF unspecified vulnerability (CPU Jul 2020)
1865956 – CVE-2020-14586 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865958 – CVE-2020-14597 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865959 – CVE-2020-14614 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865960 – CVE-2020-14619 mysql: Server: Parser unspecified vulnerability (CPU Jul 2020)
1865961 – CVE-2020-14620 mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
1865962 – CVE-2020-14623 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865963 – CVE-2020-14624 mysql: Server: JSON unspecified vulnerability (CPU Jul 2020)
1865964 – CVE-2020-14631 mysql: Server: Security: Audit unspecified vulnerability (CPU Jul 2020)
1865965 – CVE-2020-14632 mysql: Server: Options unspecified vulnerability (CPU Jul 2020)
1865966 – CVE-2020-14633 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865967 – CVE-2020-14634 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865968 – CVE-2020-14641 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
1865969 – CVE-2020-14643 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
1865970 – CVE-2020-14654 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865971 – CVE-2020-14656 mysql: Server: Locking unspecified vulnerability (CPU Jul 2020)
1865972 – CVE-2020-14663 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865973 – CVE-2020-14678 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865974 – CVE-2020-14680 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865975 – CVE-2020-14697 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865976 – CVE-2020-14702 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865977 – CVE-2020-14725 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865982 – CVE-2020-14651 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
1874044 – Module stream mysql:8.0 does not have correct module.md file [rhel-8.0.0.z]
6. Package List:
Red Hat Enterprise Linux AppStream E4S (v. 8.0):
Source:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.src.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.src.rpm
mysql-8.0.21-1.module+el8.0.0+7853+3a2b0b25.src.rpm
aarch64:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm
mysql-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-common-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-debugsource-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-devel-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-errmsg-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-libs-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-server-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-test-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.aarch64.rpm
ppc64le:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm
mysql-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-common-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-debugsource-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-devel-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-errmsg-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-libs-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-server-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-test-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.ppc64le.rpm
s390x:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm
mysql-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-common-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-debugsource-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-devel-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-errmsg-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-libs-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-server-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-test-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.s390x.rpm
x86_64:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm
mysql-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-common-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-debugsource-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-devel-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-errmsg-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-libs-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-server-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-test-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.0.0+7853+3a2b0b25.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-2911
https://access.redhat.com/security/cve/CVE-2019-2914
https://access.redhat.com/security/cve/CVE-2019-2938
https://access.redhat.com/security/cve/CVE-2019-2946
https://access.redhat.com/security/cve/CVE-2019-2957
https://access.redhat.com/security/cve/CVE-2019-2960
https://access.redhat.com/security/cve/CVE-2019-2963
https://access.redhat.com/security/cve/CVE-2019-2966
https://access.redhat.com/security/cve/CVE-2019-2967
https://access.redhat.com/security/cve/CVE-2019-2968
https://access.redhat.com/security/cve/CVE-2019-2974
https://access.redhat.com/security/cve/CVE-2019-2982
https://access.redhat.com/security/cve/CVE-2019-2991
https://access.redhat.com/security/cve/CVE-2019-2993
https://access.redhat.com/security/cve/CVE-2019-2997
https://access.redhat.com/security/cve/CVE-2019-2998
https://access.redhat.com/security/cve/CVE-2019-3004
https://access.redhat.com/security/cve/CVE-2019-3009
https://access.redhat.com/security/cve/CVE-2019-3011
https://access.redhat.com/security/cve/CVE-2019-3018
https://access.redhat.com/security/cve/CVE-2020-2570
https://access.redhat.com/security/cve/CVE-2020-2573
https://access.redhat.com/security/cve/CVE-2020-2574
https://access.redhat.com/security/cve/CVE-2020-2577
https://access.redhat.com/security/cve/CVE-2020-2579
https://access.redhat.com/security/cve/CVE-2020-2580
https://access.redhat.com/security/cve/CVE-2020-2584
https://access.redhat.com/security/cve/CVE-2020-2588
https://access.redhat.com/security/cve/CVE-2020-2589
https://access.redhat.com/security/cve/CVE-2020-2627
https://access.redhat.com/security/cve/CVE-2020-2660
https://access.redhat.com/security/cve/CVE-2020-2679
https://access.redhat.com/security/cve/CVE-2020-2686
https://access.redhat.com/security/cve/CVE-2020-2694
https://access.redhat.com/security/cve/CVE-2020-2752
https://access.redhat.com/security/cve/CVE-2020-2759
https://access.redhat.com/security/cve/CVE-2020-2760
https://access.redhat.com/security/cve/CVE-2020-2761
https://access.redhat.com/security/cve/CVE-2020-2762
https://access.redhat.com/security/cve/CVE-2020-2763
https://access.redhat.com/security/cve/CVE-2020-2765
https://access.redhat.com/security/cve/CVE-2020-2770
https://access.redhat.com/security/cve/CVE-2020-2774
https://access.redhat.com/security/cve/CVE-2020-2779
https://access.redhat.com/security/cve/CVE-2020-2780
https://access.redhat.com/security/cve/CVE-2020-2804
https://access.redhat.com/security/cve/CVE-2020-2812
https://access.redhat.com/security/cve/CVE-2020-2814
https://access.redhat.com/security/cve/CVE-2020-2853
https://access.redhat.com/security/cve/CVE-2020-2892
https://access.redhat.com/security/cve/CVE-2020-2893
https://access.redhat.com/security/cve/CVE-2020-2895
https://access.redhat.com/security/cve/CVE-2020-2896
https://access.redhat.com/security/cve/CVE-2020-2897
https://access.redhat.com/security/cve/CVE-2020-2898
https://access.redhat.com/security/cve/CVE-2020-2901
https://access.redhat.com/security/cve/CVE-2020-2903
https://access.redhat.com/security/cve/CVE-2020-2904
https://access.redhat.com/security/cve/CVE-2020-2921
https://access.redhat.com/security/cve/CVE-2020-2922
https://access.redhat.com/security/cve/CVE-2020-2923
https://access.redhat.com/security/cve/CVE-2020-2924
https://access.redhat.com/security/cve/CVE-2020-2925
https://access.redhat.com/security/cve/CVE-2020-2926
https://access.redhat.com/security/cve/CVE-2020-2928
https://access.redhat.com/security/cve/CVE-2020-2930
https://access.redhat.com/security/cve/CVE-2020-14539
https://access.redhat.com/security/cve/CVE-2020-14540
https://access.redhat.com/security/cve/CVE-2020-14547
https://access.redhat.com/security/cve/CVE-2020-14550
https://access.redhat.com/security/cve/CVE-2020-14553
https://access.redhat.com/security/cve/CVE-2020-14559
https://access.redhat.com/security/cve/CVE-2020-14567
https://access.redhat.com/security/cve/CVE-2020-14568
https://access.redhat.com/security/cve/CVE-2020-14575
https://access.redhat.com/security/cve/CVE-2020-14576
https://access.redhat.com/security/cve/CVE-2020-14586
https://access.redhat.com/security/cve/CVE-2020-14597
https://access.redhat.com/security/cve/CVE-2020-14614
https://access.redhat.com/security/cve/CVE-2020-14619
https://access.redhat.com/security/cve/CVE-2020-14620
https://access.redhat.com/security/cve/CVE-2020-14623
https://access.redhat.com/security/cve/CVE-2020-14624
https://access.redhat.com/security/cve/CVE-2020-14631
https://access.redhat.com/security/cve/CVE-2020-14632
https://access.redhat.com/security/cve/CVE-2020-14633
https://access.redhat.com/security/cve/CVE-2020-14634
https://access.redhat.com/security/cve/CVE-2020-14641
https://access.redhat.com/security/cve/CVE-2020-14643
https://access.redhat.com/security/cve/CVE-2020-14651
https://access.redhat.com/security/cve/CVE-2020-14654
https://access.redhat.com/security/cve/CVE-2020-14656
https://access.redhat.com/security/cve/CVE-2020-14663
https://access.redhat.com/security/cve/CVE-2020-14678
https://access.redhat.com/security/cve/CVE-2020-14680
https://access.redhat.com/security/cve/CVE-2020-14697
https://access.redhat.com/security/cve/CVE-2020-14702
https://access.redhat.com/security/cve/CVE-2020-14725
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
iQIVAwUBX2DpStzjgjWX9erEAQhlghAAhRLuJCVzVd/U1c6cH1QeXYlTVyvvDNjf
tb0Z3fmvLgCsbtfIZqsaFD8mZZS2Ifm8ge7DmUeMX6xFuzI/bMw+CI9ytAVp45Wu
PRkUAc4SSJYNxkBUDzLXtNXcaiDYnYIyUWK7Oa92Rj+CInsnv5I7K25NGOuSUncg
SAvUqXb3mYOLz4/fuIXAqQb6YTnAiuhg99FWtb0emdCd4Q3kfs7EpU3iHBWZfBZU
I/r1pl5CYJ7DIOTg98e563b3ce1WcqgbLOkFyEMohe+Wp0gmeONQzhQtANqnd/Qg
wwPf6NMrh0frbkw6u1EIeDcYtQkalYdLgkxVPx4bL2pvXy1C69KpYQ3p1IXTa0dY
NGFpPyT3VSKhdG/LGxUo8qVwMCHmxAY16GYkApheH7V0slNcekT4igDcmFr2wT4m
iWSWFCbp6UPvPMrTfXLr4EdsZcMN2l2cJ453970kpuf2VbLUU75+GpLxRpk16ZyK
QyBq1CGl1n/TCP7OyW1sCNUrQJBzwQhR5lxHJRbBGGdSJtRa9qYtc2DY/2z5EP+A
0NgPjelP8aHS0fBiInB0TVZ5IYu3j+DWGljq0Oz2UrDzq9xrUH0HdLDykSgbArZw
Lf3DoyOnDq4y6XEdCPDSublbLWmP6NWxjRhNh7FErB/qcp1tQsZaDR7pOnLQZ+Da
1ZilbfZ7fTo=
=LtxQ
—–END PGP SIGNATURE—–
—
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce