ALSA-2023:3087

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version: mysql (8.0.32). (BZ#2177734, BZ#2177735, BZ#2177736)

Security Fix(es):

• mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2023) (CVE-2023-21912)
• mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21594)
• mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022) (CVE-2022-21599)
• mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21604)
• mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21608)
• mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21611)
• mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022) (CVE-2022-21617)
• mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21625)
• mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2022) (CVE-2022-21632)
• mysql: Server: Replication unspecified vulnerability (CPU Oct 2022) (CVE-2022-21633)
• mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21637)
• mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21640)
• mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39400)
• mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39408)
• mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39410)
• mysql: Server: DML unspecified vulnerability (CPU Jan 2023) (CVE-2023-21836)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21863)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21864)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21865)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21867)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21868)
• mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21869)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21870)
• mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21871)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21873)
• mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023) (CVE-2023-21875)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21876)
• mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21877)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21878)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21879)
• mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21880)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21881)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21883)
• mysql: Server: GIS unspecified vulnerability (CPU Jan 2023) (CVE-2023-21887)
• mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21917)
• mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023) (CVE-2023-21874)
• mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21882)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• AlmaLinux8 AppStream and Devel channels missing mecab-devel rpm (BZ#2180411)