ALSA-2025:16046

Source
https://errata.almalinux.org/9/ALSA-2025-16046.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:16046.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2025:16046
Related
Published
2025-09-17T00:00:00Z
Modified
2025-09-18T08:40:08Z
Summary
Moderate: mysql:8.4 security update
Details

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

Security Fix(es):

  • openssl: Timing side-channel in ECDSA signature computation (CVE-2024-13176)
  • mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)
  • mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30688)
  • mysql: Stored Procedure unspecified vulnerability (CPU Apr 2025) (CVE-2025-30699)
  • mysql: UDF unspecified vulnerability (CPU Apr 2025) (CVE-2025-30721)
  • mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30682)
  • mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30683)
  • mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30715)
  • mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21574)
  • mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21585)
  • mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21588)
  • mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30681)
  • mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-21577)
  • mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30687)
  • mysql: DML unspecified vulnerability (CPU Apr 2025) (CVE-2025-21580)
  • mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30696)
  • mysql: PS unspecified vulnerability (CPU Apr 2025) (CVE-2025-30705)
  • mysql: Parser unspecified vulnerability (CPU Apr 2025) (CVE-2025-21575)
  • mysql: Options unspecified vulnerability (CPU Apr 2025) (CVE-2025-21579)
  • mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30685)
  • mysql: Components Services unspecified vulnerability (CPU Apr 2025) (CVE-2025-30704)
  • mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-21581)
  • mysql: Optimizer unspecified vulnerability (CPU Apr 2025) (CVE-2025-30689)
  • mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30695)
  • mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30703)
  • mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)
  • mysql: DDL unspecified vulnerability (CPU Apr 2025) (CVE-2025-21584)
  • mysql: Replication unspecified vulnerability (CPU Apr 2025) (CVE-2025-30684)
  • curl: libcurl: WebSocket endless loop (CVE-2025-5399)
  • mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50092)
  • mysql: mysqldump unspecified vulnerability (CPU Jul 2025) (CVE-2025-50081)
  • mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50079)
  • mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50077)
  • mysql: DML unspecified vulnerability (CPU Jul 2025) (CVE-2025-50078)
  • mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50091)
  • mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50101)
  • mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50093)
  • mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50099)
  • mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50085)
  • mysql: Components Services unspecified vulnerability (CPU Jul 2025) (CVE-2025-50086)
  • mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50082)
  • mysql: Encryption unspecified vulnerability (CPU Jul 2025) (CVE-2025-50097)
  • mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50104)
  • mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50087)
  • mysql: Stored Procedure unspecified vulnerability (CPU Jul 2025) (CVE-2025-50080)
  • mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50088)
  • mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50083)
  • mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50084)
  • mysql: Thread Pooling unspecified vulnerability (CPU Jul 2025) (CVE-2025-50100)
  • mysql: DDL unspecified vulnerability (CPU Jul 2025) (CVE-2025-50094)
  • mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50098)
  • mysql: InnoDB unspecified vulnerability (CPU Jul 2025) (CVE-2025-50096)
  • mysql: Optimizer unspecified vulnerability (CPU Jul 2025) (CVE-2025-50102)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:9 / mecab

Package

Name
mecab
Purl
pkg:rpm/almalinux/mecab

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.996-3.module_el9.6.0+152+8cbce00c.4

AlmaLinux:9 / mecab-devel

Package

Name
mecab-devel
Purl
pkg:rpm/almalinux/mecab-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.996-3.module_el9.6.0+152+8cbce00c.4

AlmaLinux:9 / mecab-ipadic

Package

Name
mecab-ipadic
Purl
pkg:rpm/almalinux/mecab-ipadic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.0.20070801-24.module_el9.6.0+152+8cbce00c

AlmaLinux:9 / mecab-ipadic-EUCJP

Package

Name
mecab-ipadic-EUCJP
Purl
pkg:rpm/almalinux/mecab-ipadic-EUCJP

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.0.20070801-24.module_el9.6.0+152+8cbce00c

AlmaLinux:9 / mysql

Package

Name
mysql
Purl
pkg:rpm/almalinux/mysql

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.4.6-1.module_el9.6.0+180+a4e757e5

AlmaLinux:9 / mysql-common

Package

Name
mysql-common
Purl
pkg:rpm/almalinux/mysql-common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.4.6-1.module_el9.6.0+180+a4e757e5

AlmaLinux:9 / mysql-devel

Package

Name
mysql-devel
Purl
pkg:rpm/almalinux/mysql-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.4.6-1.module_el9.6.0+180+a4e757e5

AlmaLinux:9 / mysql-errmsg

Package

Name
mysql-errmsg
Purl
pkg:rpm/almalinux/mysql-errmsg

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.4.6-1.module_el9.6.0+180+a4e757e5

AlmaLinux:9 / mysql-libs

Package

Name
mysql-libs
Purl
pkg:rpm/almalinux/mysql-libs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.4.6-1.module_el9.6.0+180+a4e757e5

AlmaLinux:9 / mysql-server

Package

Name
mysql-server
Purl
pkg:rpm/almalinux/mysql-server

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.4.6-1.module_el9.6.0+180+a4e757e5

AlmaLinux:9 / mysql-test

Package

Name
mysql-test
Purl
pkg:rpm/almalinux/mysql-test

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.4.6-1.module_el9.6.0+180+a4e757e5

AlmaLinux:9 / mysql-test-data

Package

Name
mysql-test-data
Purl
pkg:rpm/almalinux/mysql-test-data

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.4.6-1.module_el9.6.0+180+a4e757e5

AlmaLinux:9 / rapidjson-devel

Package

Name
rapidjson-devel
Purl
pkg:rpm/almalinux/rapidjson-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.0-19.module_el9.6.0+152+8cbce00c

AlmaLinux:9 / rapidjson-doc

Package

Name
rapidjson-doc
Purl
pkg:rpm/almalinux/rapidjson-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.0-19.module_el9.6.0+152+8cbce00c