RLSA-2024:0894
- Source
- https://errata.rockylinux.org/RLSA-2024:0894
- Import Source
- https://storage.googleapis.com/resf-osv-data/RLSA-2024:0894.json
- JSON Data
- https://api.osv.dev/v1/vulns/RLSA-2024:0894
- Published
- 2025-05-07T19:11:47.341314Z
- Modified
- 2025-05-07T19:38:05.499784Z
- Upstream
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Moderate: mysql:8.0 security update
- Details
-
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.
Security Fix(es):
mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911)
mysql: Server: DDL unspecified vulnerability (CPU Apr 2023) (CVE-2023-21919, CVE-2023-21929, CVE-2023-21933)
mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21920, CVE-2023-21935, CVE-2023-21945, CVE-2023-21946, CVE-2023-21976, CVE-2023-21977, CVE-2023-21982)
mysql: Server: Components Services unspecified vulnerability (CPU Apr 2023) (CVE-2023-21940, CVE-2023-21947, CVE-2023-21962)
mysql: Server: Partition unspecified vulnerability (CPU Apr 2023) (CVE-2023-21953, CVE-2023-21955)
mysql: Server: JSON unspecified vulnerability (CPU Apr 2023) (CVE-2023-21966)
mysql: Server: DML unspecified vulnerability (CPU Apr 2023) (CVE-2023-21972)
mysql: Client programs unspecified vulnerability (CPU Apr 2023) (CVE-2023-21980)
mysql: Server: Replication unspecified vulnerability (CPU Jul 2023) (CVE-2023-22005, CVE-2023-22007, CVE-2023-22057)
mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22008)
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (CVE-2023-22032, CVE-2023-22059, CVE-2023-22064, CVE-2023-22065, CVE-2023-22070, CVE-2023-22078, CVE-2023-22079, CVE-2023-22092, CVE-2023-22103, CVE-2023-22110, CVE-2023-22112)
mysql: InnoDB unspecified vulnerability (CPU Jul 2023) (CVE-2023-22033)
mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2023) (CVE-2023-22046, CVE-2023-22054, CVE-2023-22056)
mysql: Client programs unspecified vulnerability (CPU Jul 2023) (CVE-2023-22053)
mysql: Server: DDL unspecified vulnerability (CPU Jul 2023) (CVE-2023-22058)
mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (CVE-2023-22066, CVE-2023-22068, CVE-2023-22084, CVE-2023-22097, CVE-2023-22104, CVE-2023-22114)
mysql: Server: UDF unspecified vulnerability (CPU Oct 2023) (CVE-2023-22111)
mysql: Server: DML unspecified vulnerability (CPU Oct 2023) (CVE-2023-22115)
mysql: Server: RAPID unspecified vulnerability (CPU Jan 2024) (CVE-2024-20960)
mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2024) (CVE-2024-20963)
mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2024) (CVE-2024-20964)
mysql: Server: Replication unspecified vulnerability (CPU Jan 2024) (CVE-2024-20967)
mysql: Server: Options unspecified vulnerability (CPU Jan 2024) (CVE-2024-20968)
mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20969)
mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024) (CVE-2024-20961, CVE-2024-20962, CVE-2024-20965, CVE-2024-20966, CVE-2024-20970, CVE-2024-20971, CVE-2024-20972, CVE-2024-20973, CVE-2024-20974, CVE-2024-20976, CVE-2024-20977, CVE-2024-20978, CVE-2024-20982)
mysql: Server: DDL unspecified vulnerability (CPU Jan 2024) (CVE-2024-20981)
mysql: Server: DML unspecified vulnerability (CPU Jan 2024) (CVE-2024-20983)
mysql: Server : Security : Firewall unspecified vulnerability (CPU Jan 2024) (CVE-2024-20984)
mysql: Server: UDF unspecified vulnerability (CPU Jan 2024) (CVE-2024-20985)
zstd: mysql: buffer overrun in util.c (CVE-2022-4899)
mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2023) (CVE-2023-22038)
mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2023) (CVE-2023-22048)
mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023) (CVE-2023-22113)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Fix for MySQL bug #33630199 in 8.0.32 introduces regression when --set-gtid-purged=OFF (Rocky Linux-22452)
- References
-
- https://errata.rockylinux.org/RLSA-2024:0894
- https://bugzilla.redhat.com/show_bug.cgi?id=2179864
- https://bugzilla.redhat.com/show_bug.cgi?id=2188109
- https://bugzilla.redhat.com/show_bug.cgi?id=2188113
- https://bugzilla.redhat.com/show_bug.cgi?id=2188115
- https://bugzilla.redhat.com/show_bug.cgi?id=2188116
- https://bugzilla.redhat.com/show_bug.cgi?id=2188117
- https://bugzilla.redhat.com/show_bug.cgi?id=2188118
- https://bugzilla.redhat.com/show_bug.cgi?id=2188119
- https://bugzilla.redhat.com/show_bug.cgi?id=2188120
- https://bugzilla.redhat.com/show_bug.cgi?id=2188121
- https://bugzilla.redhat.com/show_bug.cgi?id=2188122
- https://bugzilla.redhat.com/show_bug.cgi?id=2188123
- https://bugzilla.redhat.com/show_bug.cgi?id=2188124
- https://bugzilla.redhat.com/show_bug.cgi?id=2188125
- https://bugzilla.redhat.com/show_bug.cgi?id=2188127
- https://bugzilla.redhat.com/show_bug.cgi?id=2188128
- https://bugzilla.redhat.com/show_bug.cgi?id=2188129
- https://bugzilla.redhat.com/show_bug.cgi?id=2188130
- https://bugzilla.redhat.com/show_bug.cgi?id=2188131
- https://bugzilla.redhat.com/show_bug.cgi?id=2188132
- https://bugzilla.redhat.com/show_bug.cgi?id=2224211
- https://bugzilla.redhat.com/show_bug.cgi?id=2224212
- https://bugzilla.redhat.com/show_bug.cgi?id=2224213
- https://bugzilla.redhat.com/show_bug.cgi?id=2224214
- https://bugzilla.redhat.com/show_bug.cgi?id=2224215
- https://bugzilla.redhat.com/show_bug.cgi?id=2224216
- https://bugzilla.redhat.com/show_bug.cgi?id=2224217
- https://bugzilla.redhat.com/show_bug.cgi?id=2224218
- https://bugzilla.redhat.com/show_bug.cgi?id=2224219
- https://bugzilla.redhat.com/show_bug.cgi?id=2224220
- https://bugzilla.redhat.com/show_bug.cgi?id=2224221
- https://bugzilla.redhat.com/show_bug.cgi?id=2224222
- https://bugzilla.redhat.com/show_bug.cgi?id=2245014
- https://bugzilla.redhat.com/show_bug.cgi?id=2245015
- https://bugzilla.redhat.com/show_bug.cgi?id=2245016
- https://bugzilla.redhat.com/show_bug.cgi?id=2245017
- https://bugzilla.redhat.com/show_bug.cgi?id=2245018
- https://bugzilla.redhat.com/show_bug.cgi?id=2245019
- https://bugzilla.redhat.com/show_bug.cgi?id=2245020
- https://bugzilla.redhat.com/show_bug.cgi?id=2245021
- https://bugzilla.redhat.com/show_bug.cgi?id=2245022
- https://bugzilla.redhat.com/show_bug.cgi?id=2245023
- https://bugzilla.redhat.com/show_bug.cgi?id=2245024
- https://bugzilla.redhat.com/show_bug.cgi?id=2245026
- https://bugzilla.redhat.com/show_bug.cgi?id=2245027
- https://bugzilla.redhat.com/show_bug.cgi?id=2245028
- https://bugzilla.redhat.com/show_bug.cgi?id=2245029
- https://bugzilla.redhat.com/show_bug.cgi?id=2245030
- https://bugzilla.redhat.com/show_bug.cgi?id=2245031
- https://bugzilla.redhat.com/show_bug.cgi?id=2245032
- https://bugzilla.redhat.com/show_bug.cgi?id=2245033
- https://bugzilla.redhat.com/show_bug.cgi?id=2245034
- https://bugzilla.redhat.com/show_bug.cgi?id=2258771
- https://bugzilla.redhat.com/show_bug.cgi?id=2258772
- https://bugzilla.redhat.com/show_bug.cgi?id=2258773
- https://bugzilla.redhat.com/show_bug.cgi?id=2258774
- https://bugzilla.redhat.com/show_bug.cgi?id=2258775
- https://bugzilla.redhat.com/show_bug.cgi?id=2258776
- https://bugzilla.redhat.com/show_bug.cgi?id=2258777
- https://bugzilla.redhat.com/show_bug.cgi?id=2258778
- https://bugzilla.redhat.com/show_bug.cgi?id=2258779
- https://bugzilla.redhat.com/show_bug.cgi?id=2258780
- https://bugzilla.redhat.com/show_bug.cgi?id=2258781
- https://bugzilla.redhat.com/show_bug.cgi?id=2258782
- https://bugzilla.redhat.com/show_bug.cgi?id=2258783
- https://bugzilla.redhat.com/show_bug.cgi?id=2258784
- https://bugzilla.redhat.com/show_bug.cgi?id=2258785
- https://bugzilla.redhat.com/show_bug.cgi?id=2258787
- https://bugzilla.redhat.com/show_bug.cgi?id=2258788
- https://bugzilla.redhat.com/show_bug.cgi?id=2258789
- https://bugzilla.redhat.com/show_bug.cgi?id=2258790
- https://bugzilla.redhat.com/show_bug.cgi?id=2258791
- https://bugzilla.redhat.com/show_bug.cgi?id=2258792
- https://bugzilla.redhat.com/show_bug.cgi?id=2258793
- https://bugzilla.redhat.com/show_bug.cgi?id=2258794
- Credits
-
-
- Rocky Enterprise Software Foundation
-
- Red Hat
-
Affected packages
Rocky Linux:8 / mecab
Package
- Name
- mecab
- Purl
- pkg:rpm/rocky-linux/mecab?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / mecab
Package
- Name
- mecab
- Purl
- pkg:rpm/rocky-linux/mecab?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / mecab-ipadic
Package
- Name
- mecab-ipadic
- Purl
- pkg:rpm/rocky-linux/mecab-ipadic?distro=rocky-linux-8&epoch=0
Rocky Linux:8 / mysql
Package
- Name
- mysql
- Purl
- pkg:rpm/rocky-linux/mysql?distro=rocky-linux-8&epoch=0