USN-4350-1

See a problem?

Source

https://ubuntu.com/security/notices/USN-4350-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4350-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-4350-1

Related

CVE-2020-2759
CVE-2020-2760
CVE-2020-2762
CVE-2020-2763
CVE-2020-2765
CVE-2020-2780
CVE-2020-2804
CVE-2020-2812
CVE-2020-2892
CVE-2020-2893
CVE-2020-2895
CVE-2020-2896
CVE-2020-2897
CVE-2020-2898
CVE-2020-2901
CVE-2020-2903
CVE-2020-2904
CVE-2020-2921
CVE-2020-2922
CVE-2020-2923
CVE-2020-2924
CVE-2020-2925
CVE-2020-2926
CVE-2020-2928
CVE-2020-2930
UBUNTU-CVE-2020-2759
UBUNTU-CVE-2020-2760
UBUNTU-CVE-2020-2762
UBUNTU-CVE-2020-2763
UBUNTU-CVE-2020-2765
UBUNTU-CVE-2020-2780
UBUNTU-CVE-2020-2804
UBUNTU-CVE-2020-2812
UBUNTU-CVE-2020-2892
UBUNTU-CVE-2020-2893
UBUNTU-CVE-2020-2895
UBUNTU-CVE-2020-2896
UBUNTU-CVE-2020-2897
UBUNTU-CVE-2020-2898
UBUNTU-CVE-2020-2901
UBUNTU-CVE-2020-2903
UBUNTU-CVE-2020-2904
UBUNTU-CVE-2020-2921
UBUNTU-CVE-2020-2922
UBUNTU-CVE-2020-2923
UBUNTU-CVE-2020-2924
UBUNTU-CVE-2020-2925
UBUNTU-CVE-2020-2926
UBUNTU-CVE-2020-2928
UBUNTU-CVE-2020-2930

Published

2020-05-04T12:08:10.915888Z

Modified

2020-05-04T12:08:10.915888Z

Summary

mysql-5.7, mysql-8.0 vulnerabilities

Details

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.80 in Ubuntu 19.10 and Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.30.

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-30.html

https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-20.html

https://www.oracle.com/security-alerts/cpuapr2020.html

References

Affected packages

Ubuntu:16.04:LTS / mysql-5.7

Package

Name: mysql-5.7
Purl: pkg:deb/ubuntu/mysql-5.7@5.7.30-0ubuntu0.16.04.1?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.7.30-0ubuntu0.16.04.1

Affected versions

5.*

5.7.11-0ubuntu4

5.7.11-0ubuntu5

5.7.11-0ubuntu6

5.7.12-0ubuntu1

5.7.12-0ubuntu1.1

5.7.13-0ubuntu0.16.04.2

5.7.15-0ubuntu0.16.04.1

5.7.16-0ubuntu0.16.04.1

5.7.17-0ubuntu0.16.04.1

5.7.17-0ubuntu0.16.04.2

5.7.18-0ubuntu0.16.04.1

5.7.19-0ubuntu0.16.04.1

5.7.20-0ubuntu0.16.04.1

5.7.21-0ubuntu0.16.04.1

5.7.22-0ubuntu0.16.04.1

5.7.23-0ubuntu0.16.04.1

5.7.24-0ubuntu0.16.04.1

5.7.25-0ubuntu0.16.04.2

5.7.26-0ubuntu0.16.04.1

5.7.27-0ubuntu0.16.04.1

5.7.28-0ubuntu0.16.04.2

5.7.29-0ubuntu0.16.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "mysql-client-core-5.7-dbgsym": "5.7.30-0ubuntu0.16.04.1",
            "mysql-testsuite-5.7": "5.7.30-0ubuntu0.16.04.1",
            "libmysqld-dev": "5.7.30-0ubuntu0.16.04.1",
            "mysql-client-core-5.7": "5.7.30-0ubuntu0.16.04.1",
            "mysql-client": "5.7.30-0ubuntu0.16.04.1",
            "mysql-client-5.7-dbgsym": "5.7.30-0ubuntu0.16.04.1",
            "mysql-common": "5.7.30-0ubuntu0.16.04.1",
            "mysql-server": "5.7.30-0ubuntu0.16.04.1",
            "mysql-testsuite-5.7-dbgsym": "5.7.30-0ubuntu0.16.04.1",
            "mysql-server-core-5.7": "5.7.30-0ubuntu0.16.04.1",
            "libmysqlclient20-dbgsym": "5.7.30-0ubuntu0.16.04.1",
            "mysql-server-5.7": "5.7.30-0ubuntu0.16.04.1",
            "mysql-server-core-5.7-dbgsym": "5.7.30-0ubuntu0.16.04.1",
            "mysql-testsuite": "5.7.30-0ubuntu0.16.04.1",
            "mysql-server-5.7-dbgsym": "5.7.30-0ubuntu0.16.04.1",
            "libmysqlclient20": "5.7.30-0ubuntu0.16.04.1",
            "libmysqlclient-dev": "5.7.30-0ubuntu0.16.04.1",
            "mysql-client-5.7": "5.7.30-0ubuntu0.16.04.1",
            "mysql-source-5.7": "5.7.30-0ubuntu0.16.04.1"
        }
    ]
}

Ubuntu:18.04:LTS / mysql-5.7

Package

Name: mysql-5.7
Purl: pkg:deb/ubuntu/mysql-5.7@5.7.30-0ubuntu0.18.04.1?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.7.30-0ubuntu0.18.04.1

Affected versions

5.*

5.7.19-0ubuntu1

5.7.20-0ubuntu0.17.10.1

5.7.20-1ubuntu1

5.7.21-1ubuntu1

5.7.22-0ubuntu18.04.1

5.7.23-0ubuntu0.18.04.1

5.7.24-0ubuntu0.18.04.1

5.7.25-0ubuntu0.18.04.2

5.7.26-0ubuntu0.18.04.1

5.7.27-0ubuntu0.18.04.1

5.7.28-0ubuntu0.18.04.4

5.7.29-0ubuntu0.18.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "mysql-client-core-5.7-dbgsym": "5.7.30-0ubuntu0.18.04.1",
            "mysql-testsuite-5.7": "5.7.30-0ubuntu0.18.04.1",
            "libmysqld-dev": "5.7.30-0ubuntu0.18.04.1",
            "mysql-client-core-5.7": "5.7.30-0ubuntu0.18.04.1",
            "mysql-client": "5.7.30-0ubuntu0.18.04.1",
            "mysql-client-5.7-dbgsym": "5.7.30-0ubuntu0.18.04.1",
            "libmysqlclient20": "5.7.30-0ubuntu0.18.04.1",
            "mysql-testsuite-5.7-dbgsym": "5.7.30-0ubuntu0.18.04.1",
            "mysql-server": "5.7.30-0ubuntu0.18.04.1",
            "libmysqlclient20-dbgsym": "5.7.30-0ubuntu0.18.04.1",
            "mysql-server-5.7": "5.7.30-0ubuntu0.18.04.1",
            "mysql-server-core-5.7-dbgsym": "5.7.30-0ubuntu0.18.04.1",
            "mysql-testsuite": "5.7.30-0ubuntu0.18.04.1",
            "mysql-server-5.7-dbgsym": "5.7.30-0ubuntu0.18.04.1",
            "mysql-server-core-5.7": "5.7.30-0ubuntu0.18.04.1",
            "libmysqlclient-dev": "5.7.30-0ubuntu0.18.04.1",
            "mysql-client-5.7": "5.7.30-0ubuntu0.18.04.1",
            "mysql-source-5.7": "5.7.30-0ubuntu0.18.04.1"
        }
    ]
}

Ubuntu:20.04:LTS / mysql-8.0

Package

Name: mysql-8.0
Purl: pkg:deb/ubuntu/mysql-8.0@8.0.20-0ubuntu0.20.04.1?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.20-0ubuntu0.20.04.1

Affected versions

8.*

8.0.17-0ubuntu2

8.0.17-0ubuntu3

8.0.18-0ubuntu3

8.0.18-0ubuntu4

8.0.18-0ubuntu5

8.0.19-0ubuntu2

8.0.19-0ubuntu3

8.0.19-0ubuntu4

8.0.19-0ubuntu5

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "libmysqlclient21-dbgsym": "8.0.20-0ubuntu0.20.04.1",
            "mysql-client": "8.0.20-0ubuntu0.20.04.1",
            "mysql-testsuite-8.0-dbgsym": "8.0.20-0ubuntu0.20.04.1",
            "mysql-client-core-8.0-dbgsym": "8.0.20-0ubuntu0.20.04.1",
            "mysql-server": "8.0.20-0ubuntu0.20.04.1",
            "libmysqlclient21": "8.0.20-0ubuntu0.20.04.1",
            "mysql-testsuite": "8.0.20-0ubuntu0.20.04.1",
            "mysql-router-dbgsym": "8.0.20-0ubuntu0.20.04.1",
            "mysql-source-8.0": "8.0.20-0ubuntu0.20.04.1",
            "libmysqlclient-dev": "8.0.20-0ubuntu0.20.04.1",
            "mysql-server-8.0": "8.0.20-0ubuntu0.20.04.1",
            "mysql-client-8.0": "8.0.20-0ubuntu0.20.04.1",
            "mysql-router": "8.0.20-0ubuntu0.20.04.1",
            "mysql-server-core-8.0": "8.0.20-0ubuntu0.20.04.1",
            "mysql-testsuite-8.0": "8.0.20-0ubuntu0.20.04.1",
            "mysql-server-core-8.0-dbgsym": "8.0.20-0ubuntu0.20.04.1",
            "mysql-client-core-8.0": "8.0.20-0ubuntu0.20.04.1"
        }
    ]
}