Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2020:3732

Опубликовано: 14 сент. 2020
Источник: rocky
Оценка: Important

Описание

Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version: mysql (8.0.21).

Security Fix(es):

  • mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586, CVE-2020-14702)

  • mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2019-2914, CVE-2019-2957)

  • mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938, CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589, CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895, CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634)

  • mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946, CVE-2020-2925)

  • mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567)

  • mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686, CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904, CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539, CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654, CVE-2020-14680, CVE-2020-14725)

  • mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993, CVE-2019-3011)

  • mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997, CVE-2020-2580)

  • mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619)

  • mysql: Server: Connection unspecified vulnerability (CVE-2019-3009)

  • mysql: Server: Options multiple unspecified vulnerabilities (CVE-2020-2584, CVE-2020-14632)

  • mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588, CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620)

  • mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752, CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574)

  • mysql: Server: Logging unspecified vulnerability (CVE-2020-2770)

  • mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804)

  • mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812)

  • mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2020-2896, CVE-2020-14559, CVE-2020-2694)

  • mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898)

  • mysql: Server: Connection Handling unspecified vulnerability (CVE-2020-2903)

  • mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2020-2921)

  • mysql: Server: Group Replication GCS unspecified vulnerability (CVE-2020-2926)

  • mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553)

  • mysql: Server: UDF unspecified vulnerability (CVE-2020-14576)

  • mysql: Server: JSON unspecified vulnerability (CVE-2020-14624)

  • mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631)

  • mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2020-14641, CVE-2020-14643, CVE-2020-14651)

  • mysql: Server: Locking unspecified vulnerability (CVE-2020-14656)

  • mysql: Information Schema unspecified vulnerability (CVE-2019-2911)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
mecab-ipadicx86_6416.module+el8.3.0+242+87d3366amecab-ipadic-2.7.0.20070801-16.module+el8.3.0+242+87d3366a.x86_64.rpm
mecab-ipadic-EUCJPx86_6416.module+el8.3.0+242+87d3366amecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.3.0+242+87d3366a.x86_64.rpm

Показывать по

Связанные CVE

CVE-2019-2911
CVE-2019-2914
CVE-2019-2938
CVE-2019-2946
CVE-2019-2957
CVE-2019-2960
CVE-2019-2963
CVE-2019-2966
CVE-2019-2967
CVE-2019-2968
CVE-2019-2974
CVE-2019-2982
CVE-2019-2991
CVE-2019-2993
CVE-2019-2997
CVE-2019-2998
CVE-2019-3004
CVE-2019-3009
CVE-2019-3011
CVE-2019-3018
CVE-2020-14539
CVE-2020-14540
CVE-2020-14547
CVE-2020-14550
CVE-2020-14553
CVE-2020-14559
CVE-2020-14567
CVE-2020-14568
CVE-2020-14575
CVE-2020-14576
CVE-2020-14586
CVE-2020-14597
CVE-2020-14614
CVE-2020-14619
CVE-2020-14620
CVE-2020-14623
CVE-2020-14624
CVE-2020-14631
CVE-2020-14632
CVE-2020-14633
CVE-2020-14634
CVE-2020-14641
CVE-2020-14643
CVE-2020-14651
CVE-2020-14654
CVE-2020-14656
CVE-2020-14663
CVE-2020-14678
CVE-2020-14680
CVE-2020-14697
CVE-2020-14702
CVE-2020-14725
CVE-2020-14799
CVE-2020-2570
CVE-2020-2573
CVE-2020-2574
CVE-2020-2577
CVE-2020-2579
CVE-2020-2580
CVE-2020-2584
CVE-2020-2588
CVE-2020-2589
CVE-2020-2627
CVE-2020-2660
CVE-2020-2679
CVE-2020-2686
CVE-2020-2694
CVE-2020-2752
CVE-2020-2759
CVE-2020-2760
CVE-2020-2761
CVE-2020-2762
CVE-2020-2763
CVE-2020-2765
CVE-2020-2770
CVE-2020-2774
CVE-2020-2779
CVE-2020-2780
CVE-2020-2804
CVE-2020-2812
CVE-2020-2814
CVE-2020-2853
CVE-2020-2892
CVE-2020-2893
CVE-2020-2895
CVE-2020-2896
CVE-2020-2897
CVE-2020-2898
CVE-2020-2901
CVE-2020-2903
CVE-2020-2904
CVE-2020-2921
CVE-2020-2922
CVE-2020-2923
CVE-2020-2924
CVE-2020-2925
CVE-2020-2926
CVE-2020-2928
CVE-2020-2930
CVE-2021-1998
CVE-2021-2006
CVE-2021-2007
CVE-2021-2009
CVE-2021-2012
CVE-2021-2016
CVE-2021-2019
CVE-2021-2020
CVE-2021-2144
CVE-2021-2160

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2020-3732

oracle-oval
почти 5 лет назад

ELSA-2020-3732: mysql:8.0 security update (IMPORTANT)

ubuntu логотип

CVE-2019-2911

CVSS3: 2.7
ubuntu
больше 5 лет назад

Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

redhat логотип

CVE-2019-2911

CVSS3: 2.7
redhat
больше 5 лет назад

Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

nvd логотип

CVE-2019-2911

CVSS3: 2.7
nvd
больше 5 лет назад

Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

debian логотип

CVE-2019-2911

CVSS3: 2.7
debian
больше 5 лет назад

Vulnerability in the MySQL Server product of Oracle MySQL (component: ...