-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: mysql:8.0 security, bug fix, and enhancement update Advisory ID: RHSA-2021:3590-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3590 Issue date: 2021-09-21 CVE Names: CVE-2020-14672 CVE-2020-14765 CVE-2020-14769 CVE-2020-14773 CVE-2020-14775 CVE-2020-14776 CVE-2020-14777 CVE-2020-14785 CVE-2020-14786 CVE-2020-14789 CVE-2020-14790 CVE-2020-14791 CVE-2020-14793 CVE-2020-14794 CVE-2020-14800 CVE-2020-14804 CVE-2020-14809 CVE-2020-14812 CVE-2020-14814 CVE-2020-14821 CVE-2020-14828 CVE-2020-14829 CVE-2020-14830 CVE-2020-14836 CVE-2020-14837 CVE-2020-14838 CVE-2020-14839 CVE-2020-14844 CVE-2020-14845 CVE-2020-14846 CVE-2020-14848 CVE-2020-14852 CVE-2020-14860 CVE-2020-14861 CVE-2020-14866 CVE-2020-14867 CVE-2020-14868 CVE-2020-14870 CVE-2020-14873 CVE-2020-14888 CVE-2020-14891 CVE-2020-14893 CVE-2021-2001 CVE-2021-2002 CVE-2021-2010 CVE-2021-2011 CVE-2021-2021 CVE-2021-2022 CVE-2021-2024 CVE-2021-2028 CVE-2021-2030 CVE-2021-2031 CVE-2021-2032 CVE-2021-2036 CVE-2021-2038 CVE-2021-2042 CVE-2021-2046 CVE-2021-2048 CVE-2021-2055 CVE-2021-2056 CVE-2021-2058 CVE-2021-2060 CVE-2021-2061 CVE-2021-2065 CVE-2021-2070 CVE-2021-2072 CVE-2021-2076 CVE-2021-2081 CVE-2021-2087 CVE-2021-2088 CVE-2021-2122 CVE-2021-2146 CVE-2021-2164 CVE-2021-2166 CVE-2021-2169 CVE-2021-2170 CVE-2021-2171 CVE-2021-2172 CVE-2021-2174 CVE-2021-2178 CVE-2021-2179 CVE-2021-2180 CVE-2021-2193 CVE-2021-2194 CVE-2021-2196 CVE-2021-2201 CVE-2021-2202 CVE-2021-2203 CVE-2021-2208 CVE-2021-2212 CVE-2021-2213 CVE-2021-2215 CVE-2021-2217 CVE-2021-2226 CVE-2021-2230 CVE-2021-2232 CVE-2021-2278 CVE-2021-2293 CVE-2021-2298 CVE-2021-2299 CVE-2021-2300 CVE-2021-2301 CVE-2021-2304 CVE-2021-2305 CVE-2021-2307 CVE-2021-2308 CVE-2021-2339 CVE-2021-2340 CVE-2021-2342 CVE-2021-2352 CVE-2021-2354 CVE-2021-2356 CVE-2021-2357 CVE-2021-2367 CVE-2021-2370 CVE-2021-2372 CVE-2021-2374 CVE-2021-2383 CVE-2021-2384 CVE-2021-2385 CVE-2021-2387 CVE-2021-2389 CVE-2021-2390 CVE-2021-2399 CVE-2021-2402 CVE-2021-2410 CVE-2021-2412 CVE-2021-2417 CVE-2021-2418 CVE-2021-2422 CVE-2021-2424 CVE-2021-2425 CVE-2021-2426 CVE-2021-2427 CVE-2021-2429 CVE-2021-2437 CVE-2021-2440 CVE-2021-2441 CVE-2021-2444 ===================================================================== 1. Summary: An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql (8.0.26). (BZ#1996693) Security Fix(es): * mysql: Server: Stored Procedure multiple vulnerabilities (CVE-2020-14672, CVE-2021-2046, CVE-2021-2072, CVE-2021-2081, CVE-2021-2215, CVE-2021-2217, CVE-2021-2293, CVE-2021-2304, CVE-2021-2424) * mysql: Server: FTS multiple vulnerabilities (CVE-2020-14765, CVE-2020-14789, CVE-2020-14804) * mysql: Server: Optimizer multiple vulnerabilities (CVE-2020-14769, CVE-2020-14773, CVE-2020-14777, CVE-2020-14785, CVE-2020-14793, CVE-2020-14794, CVE-2020-14809, CVE-2020-14830, CVE-2020-14836, CVE-2020-14837, CVE-2020-14839, CVE-2020-14845, CVE-2020-14846, CVE-2020-14861, CVE-2020-14866, CVE-2020-14868, CVE-2020-14888, CVE-2020-14891, CVE-2020-14893, CVE-2021-2001, CVE-2021-2021, CVE-2021-2024, CVE-2021-2030, CVE-2021-2031, CVE-2021-2036, CVE-2021-2055, CVE-2021-2060, CVE-2021-2065, CVE-2021-2070, CVE-2021-2076, CVE-2021-2164, CVE-2021-2169, CVE-2021-2170, CVE-2021-2193, CVE-2021-2203, CVE-2021-2212, CVE-2021-2213, CVE-2021-2230, CVE-2021-2278, CVE-2021-2298, CVE-2021-2299, CVE-2021-2342, CVE-2021-2357, CVE-2021-2367, CVE-2021-2383, CVE-2021-2384, CVE-2021-2387, CVE-2021-2410, CVE-2021-2412, CVE-2021-2418, CVE-2021-2425, CVE-2021-2426, CVE-2021-2427, CVE-2021-2437, CVE-2021-2441, CVE-2021-2444) * mysql: InnoDB multiple vulnerabilities (CVE-2020-14775, CVE-2020-14776, CVE-2020-14821, CVE-2020-14829, CVE-2020-14848, CVE-2021-2022, CVE-2021-2028, CVE-2021-2048, CVE-2021-2174, CVE-2021-2180, CVE-2021-2194, CVE-2021-2372, CVE-2021-2374, CVE-2021-2389, CVE-2021-2390, CVE-2021-2429, CVE-2020-14791, CVE-2021-2042) * mysql: Server: PS multiple vulnerabilities (CVE-2020-14786, CVE-2020-14790, CVE-2020-14844, CVE-2021-2422) * mysql: Server: Security multiple vulnerabilities (CVE-2020-14800, CVE-2020-14838, CVE-2020-14860) * mysql: Server: Locking multiple vulnerabilities (CVE-2020-14812, CVE-2021-2058, CVE-2021-2402) * mysql: Server: DML multiple vulnerabilities (CVE-2020-14814, CVE-2020-14828, CVE-2021-2056, CVE-2021-2087, CVE-2021-2088, CVE-2021-2166, CVE-2021-2172, CVE-2021-2196, CVE-2021-2300, CVE-2021-2305, CVE-2021-2370, CVE-2021-2440) * mysql: Server: Charsets unspecified vulnerability (CVE-2020-14852) * mysql: Server: DDL multiple vulnerabilities (CVE-2020-14867, CVE-2021-2061, CVE-2021-2122, CVE-2021-2339, CVE-2021-2352, CVE-2021-2399) * mysql: Server: X Plugin unspecified vulnerability (CVE-2020-14870) * mysql: Server: Logging unspecified vulnerability (CVE-2020-14873) * mysql: Server: Replication multiple vulnerabilities (CVE-2021-2002, CVE-2021-2171, CVE-2021-2178, CVE-2021-2202, CVE-2021-2356, CVE-2021-2385) * mysql: C API multiple vulnerabilities (CVE-2021-2010, CVE-2021-2011) * mysql: Server: Components Services unspecified vulnerability (CVE-2021-2038) * mysql: Server: Options unspecified vulnerability (CVE-2021-2146) * mysql: Server: Group Replication Plugin multiple vulnerabilities (CVE-2021-2179, CVE-2021-2232) * mysql: Server: Partition multiple vulnerabilities (CVE-2021-2201, CVE-2021-2208) * mysql: Server: Information Schema multiple vulnerabilities (CVE-2021-2032, CVE-2021-2226, CVE-2021-2301, CVE-2021-2308) * mysql: Server: Packaging unspecified vulnerability (CVE-2021-2307) * mysql: Server: Federated unspecified vulnerability (CVE-2021-2354) * mysql: Server: GIS unspecified vulnerability (CVE-2021-2417) * mysql: Server: Memcached unspecified vulnerability (CVE-2021-2340) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Segfault and possible DoS with a crafted query (BZ#1996699) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1890737 - CVE-2020-14672 mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2020) 1890738 - CVE-2020-14765 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) 1890739 - CVE-2020-14769 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890742 - CVE-2020-14773 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890743 - CVE-2020-14776 mysql: InnoDB unspecified vulnerability (CPU Oct 2020) 1890744 - CVE-2020-14777 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890745 - CVE-2020-14785 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890746 - CVE-2020-14786 mysql: Server: PS unspecified vulnerability (CPU Oct 2020) 1890747 - CVE-2020-14789 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) 1890748 - CVE-2020-14790 mysql: Server: PS unspecified vulnerability (CPU Oct 2020) 1890749 - CVE-2020-14791 mysql: InnoDB unspecified vulnerability (CPU Oct 2020) 1890750 - CVE-2020-14793 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890751 - CVE-2020-14794 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890753 - CVE-2020-14800 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2020) 1890754 - CVE-2020-14804 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) 1890755 - CVE-2020-14809 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890756 - CVE-2020-14812 mysql: Server: Locking unspecified vulnerability (CPU Oct 2020) 1890757 - CVE-2020-14814 mysql: Server: DML unspecified vulnerability (CPU Oct 2020) 1890758 - CVE-2020-14821 mysql: InnoDB unspecified vulnerability (CPU Oct 2020) 1890760 - CVE-2020-14828 mysql: Server: DML unspecified vulnerability (CPU Oct 2020) 1890761 - CVE-2020-14829 mysql: InnoDB unspecified vulnerability (CPU Oct 2020) 1890762 - CVE-2020-14830 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890763 - CVE-2020-14836 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890764 - CVE-2020-14837 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890765 - CVE-2020-14838 mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2020) 1890766 - CVE-2020-14839 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890767 - CVE-2020-14844 mysql: Server: PS unspecified vulnerability (CPU Oct 2020) 1890768 - CVE-2020-14845 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890769 - CVE-2020-14846 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890770 - CVE-2020-14848 mysql: InnoDB unspecified vulnerability (CPU Oct 2020) 1890771 - CVE-2020-14852 mysql: Server: Charsets unspecified vulnerability (CPU Oct 2020) 1890772 - CVE-2020-14860 mysql: Server: Security: Roles unspecified vulnerability (CPU Oct 2020) 1890773 - CVE-2020-14861 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890774 - CVE-2020-14866 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890775 - CVE-2020-14867 mysql: Server: DDL unspecified vulnerability (CPU Oct 2020) 1890776 - CVE-2020-14868 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890778 - CVE-2020-14870 mysql: Server: X Plugin unspecified vulnerability (CPU Oct 2020) 1890779 - CVE-2020-14873 mysql: Server: Logging unspecified vulnerability (CPU Oct 2020) 1890781 - CVE-2020-14888 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890782 - CVE-2020-14891 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890783 - CVE-2020-14893 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020) 1890784 - CVE-2020-14775 mysql: InnoDB unspecified vulnerability (CPU Oct 2020) 1922379 - CVE-2021-2001 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922380 - CVE-2021-2002 mysql: Server: Replication unspecified vulnerability (CPU Jan 2021) 1922383 - CVE-2021-2010 mysql: C API unspecified vulnerability (CPU Jan 2021) 1922384 - CVE-2021-2011 mysql: C API unspecified vulnerability (CPU Jan 2021) 1922388 - CVE-2021-2021 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922389 - CVE-2021-2022 mysql: InnoDB unspecified vulnerability (CPU Jan 2021) 1922390 - CVE-2021-2024 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922391 - CVE-2021-2028 mysql: InnoDB unspecified vulnerability (CPU Jan 2021) 1922392 - CVE-2021-2030 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922393 - CVE-2021-2031 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922394 - CVE-2021-2032 mysql: Information Schema unspecified vulnerability (CPU Jan 2021) 1922395 - CVE-2021-2036 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922396 - CVE-2021-2038 mysql: Server: Components Services unspecified vulnerability (CPU Jan 2021) 1922397 - CVE-2021-2042 mysql: InnoDB unspecified vulnerability (CPU Jan 2021) 1922398 - CVE-2021-2046 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021) 1922399 - CVE-2021-2048 mysql: InnoDB unspecified vulnerability (CPU Jan 2021) 1922400 - CVE-2021-2055 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922401 - CVE-2021-2058 mysql: Server: Locking unspecified vulnerability (CPU Jan 2021) 1922402 - CVE-2021-2060 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922403 - CVE-2021-2061 mysql: Server: DDL unspecified vulnerability (CPU Jan 2021) 1922404 - CVE-2021-2065 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922405 - CVE-2021-2070 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922406 - CVE-2021-2072 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021) 1922407 - CVE-2021-2076 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021) 1922408 - CVE-2021-2087 mysql: Server: DML unspecified vulnerability (CPU Jan 2021) 1922410 - CVE-2021-2088 mysql: Server: DML unspecified vulnerability (CPU Jan 2021) 1922411 - CVE-2021-2122 mysql: Server: DDL unspecified vulnerability (CPU Jan 2021) 1922416 - CVE-2021-2081 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021) 1922419 - CVE-2021-2056 mysql: Server: DML unspecified vulnerability (CPU Jan 2021) 1951751 - CVE-2021-2146 mysql: Server: Options unspecified vulnerability (CPU Apr 2021) 1951754 - CVE-2021-2164 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951755 - CVE-2021-2166 mysql: Server: DML unspecified vulnerability (CPU Apr 2021) 1951756 - CVE-2021-2169 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951757 - CVE-2021-2170 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951758 - CVE-2021-2171 mysql: Server: Replication unspecified vulnerability (CPU Apr 2021) 1951759 - CVE-2021-2172 mysql: Server: DML unspecified vulnerability (CPU Apr 2021) 1951760 - CVE-2021-2178 mysql: Server: Replication unspecified vulnerability (CPU Apr 2021) 1951761 - CVE-2021-2179 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2021) 1951762 - CVE-2021-2180 mysql: InnoDB unspecified vulnerability (CPU Apr 2021) 1951763 - CVE-2021-2193 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951764 - CVE-2021-2194 mysql: InnoDB unspecified vulnerability (CPU Apr 2021) 1951765 - CVE-2021-2196 mysql: Server: DML unspecified vulnerability (CPU Apr 2021) 1951766 - CVE-2021-2201 mysql: Server: Partition unspecified vulnerability (CPU Apr 2021) 1951767 - CVE-2021-2202 mysql: Server: Replication unspecified vulnerability (CPU Apr 2021) 1951768 - CVE-2021-2203 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951769 - CVE-2021-2208 mysql: Server: Partition unspecified vulnerability (CPU Apr 2021) 1951770 - CVE-2021-2212 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951771 - CVE-2021-2213 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951772 - CVE-2021-2215 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021) 1951773 - CVE-2021-2217 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021) 1951774 - CVE-2021-2226 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2021) 1951775 - CVE-2021-2230 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951776 - CVE-2021-2232 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2021) 1951777 - CVE-2021-2278 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951778 - CVE-2021-2293 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021) 1951779 - CVE-2021-2298 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951780 - CVE-2021-2299 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021) 1951781 - CVE-2021-2300 mysql: Server: DML unspecified vulnerability (CPU Apr 2021) 1951782 - CVE-2021-2301 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2021) 1951783 - CVE-2021-2304 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021) 1951784 - CVE-2021-2305 mysql: Server: DML unspecified vulnerability (CPU Apr 2021) 1951785 - CVE-2021-2307 mysql: Server: Packaging unspecified vulnerability (CPU Apr 2021) 1951786 - CVE-2021-2308 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2021) 1952802 - CVE-2021-2174 mysql: InnoDB unspecified vulnerability (CPU Apr 2021) 1992279 - CVE-2021-2340 mysql: Server: Memcached unspecified vulnerability (CPU Jul 2021) 1992280 - CVE-2021-2339 mysql: Server: DDL unspecified vulnerability (CPU Jul 2021) 1992294 - CVE-2021-2342 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992297 - CVE-2021-2352 mysql: Server: DDL unspecified vulnerability (CPU Jul 2021) 1992298 - CVE-2021-2354 mysql: Server: Federated unspecified vulnerability (CPU Jul 2021) 1992299 - CVE-2021-2356 mysql: Server: Replication unspecified vulnerability (CPU Jul 2021) 1992300 - CVE-2021-2357 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992301 - CVE-2021-2367 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992302 - CVE-2021-2370 mysql: Server: DML unspecified vulnerability (CPU Jul 2021) 1992303 - CVE-2021-2372 mysql: InnoDB unspecified vulnerability (CPU Jul 2021) 1992304 - CVE-2021-2374 mysql: InnoDB unspecified vulnerability (CPU Jul 2021) 1992305 - CVE-2021-2383 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992306 - CVE-2021-2384 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992307 - CVE-2021-2385 mysql: Server: Replication unspecified vulnerability (CPU Jul 2021) 1992308 - CVE-2021-2387 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992309 - CVE-2021-2389 mysql: InnoDB unspecified vulnerability (CPU Jul 2021) 1992310 - CVE-2021-2390 mysql: InnoDB unspecified vulnerability (CPU Jul 2021) 1992311 - CVE-2021-2399 mysql: Server: DDL unspecified vulnerability (CPU Jul 2021) 1992312 - CVE-2021-2402 mysql: Server: Locking unspecified vulnerability (CPU Jul 2021) 1992313 - CVE-2021-2410 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992314 - CVE-2021-2412 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992315 - CVE-2021-2417 mysql: Server: GIS unspecified vulnerability (CPU Jul 2021) 1992316 - CVE-2021-2418 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992317 - CVE-2021-2422 mysql: Server: PS unspecified vulnerability (CPU Jul 2021) 1992318 - CVE-2021-2424 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2021) 1992319 - CVE-2021-2425 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992320 - CVE-2021-2426 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992321 - CVE-2021-2427 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992322 - CVE-2021-2429 mysql: InnoDB unspecified vulnerability (CPU Jul 2021) 1992323 - CVE-2021-2437 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992324 - CVE-2021-2440 mysql: Server: DML unspecified vulnerability (CPU Jul 2021) 1992325 - CVE-2021-2441 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1992326 - CVE-2021-2444 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021) 1996693 - Tracker: MySQL rebase to the latest version (8.0.26) [rhel-8.4.0.z] 1996699 - Segfault and possible DoS with a crafted query [rhel-8.4.0.z] 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.src.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.src.rpm mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.src.rpm aarch64: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-common-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-debugsource-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-devel-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-devel-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-errmsg-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-libs-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-libs-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-server-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-server-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-test-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm mysql-test-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm ppc64le: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-common-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-debugsource-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-devel-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-devel-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-errmsg-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-libs-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-libs-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-server-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-server-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-test-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm mysql-test-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm s390x: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-common-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-debugsource-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-devel-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-devel-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-errmsg-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-libs-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-libs-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-server-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-server-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-test-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm mysql-test-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm x86_64: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-common-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-debugsource-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-devel-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-devel-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-errmsg-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-libs-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-libs-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-server-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-server-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-test-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm mysql-test-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-14672 https://access.redhat.com/security/cve/CVE-2020-14765 https://access.redhat.com/security/cve/CVE-2020-14769 https://access.redhat.com/security/cve/CVE-2020-14773 https://access.redhat.com/security/cve/CVE-2020-14775 https://access.redhat.com/security/cve/CVE-2020-14776 https://access.redhat.com/security/cve/CVE-2020-14777 https://access.redhat.com/security/cve/CVE-2020-14785 https://access.redhat.com/security/cve/CVE-2020-14786 https://access.redhat.com/security/cve/CVE-2020-14789 https://access.redhat.com/security/cve/CVE-2020-14790 https://access.redhat.com/security/cve/CVE-2020-14791 https://access.redhat.com/security/cve/CVE-2020-14793 https://access.redhat.com/security/cve/CVE-2020-14794 https://access.redhat.com/security/cve/CVE-2020-14800 https://access.redhat.com/security/cve/CVE-2020-14804 https://access.redhat.com/security/cve/CVE-2020-14809 https://access.redhat.com/security/cve/CVE-2020-14812 https://access.redhat.com/security/cve/CVE-2020-14814 https://access.redhat.com/security/cve/CVE-2020-14821 https://access.redhat.com/security/cve/CVE-2020-14828 https://access.redhat.com/security/cve/CVE-2020-14829 https://access.redhat.com/security/cve/CVE-2020-14830 https://access.redhat.com/security/cve/CVE-2020-14836 https://access.redhat.com/security/cve/CVE-2020-14837 https://access.redhat.com/security/cve/CVE-2020-14838 https://access.redhat.com/security/cve/CVE-2020-14839 https://access.redhat.com/security/cve/CVE-2020-14844 https://access.redhat.com/security/cve/CVE-2020-14845 https://access.redhat.com/security/cve/CVE-2020-14846 https://access.redhat.com/security/cve/CVE-2020-14848 https://access.redhat.com/security/cve/CVE-2020-14852 https://access.redhat.com/security/cve/CVE-2020-14860 https://access.redhat.com/security/cve/CVE-2020-14861 https://access.redhat.com/security/cve/CVE-2020-14866 https://access.redhat.com/security/cve/CVE-2020-14867 https://access.redhat.com/security/cve/CVE-2020-14868 https://access.redhat.com/security/cve/CVE-2020-14870 https://access.redhat.com/security/cve/CVE-2020-14873 https://access.redhat.com/security/cve/CVE-2020-14888 https://access.redhat.com/security/cve/CVE-2020-14891 https://access.redhat.com/security/cve/CVE-2020-14893 https://access.redhat.com/security/cve/CVE-2021-2001 https://access.redhat.com/security/cve/CVE-2021-2002 https://access.redhat.com/security/cve/CVE-2021-2010 https://access.redhat.com/security/cve/CVE-2021-2011 https://access.redhat.com/security/cve/CVE-2021-2021 https://access.redhat.com/security/cve/CVE-2021-2022 https://access.redhat.com/security/cve/CVE-2021-2024 https://access.redhat.com/security/cve/CVE-2021-2028 https://access.redhat.com/security/cve/CVE-2021-2030 https://access.redhat.com/security/cve/CVE-2021-2031 https://access.redhat.com/security/cve/CVE-2021-2032 https://access.redhat.com/security/cve/CVE-2021-2036 https://access.redhat.com/security/cve/CVE-2021-2038 https://access.redhat.com/security/cve/CVE-2021-2042 https://access.redhat.com/security/cve/CVE-2021-2046 https://access.redhat.com/security/cve/CVE-2021-2048 https://access.redhat.com/security/cve/CVE-2021-2055 https://access.redhat.com/security/cve/CVE-2021-2056 https://access.redhat.com/security/cve/CVE-2021-2058 https://access.redhat.com/security/cve/CVE-2021-2060 https://access.redhat.com/security/cve/CVE-2021-2061 https://access.redhat.com/security/cve/CVE-2021-2065 https://access.redhat.com/security/cve/CVE-2021-2070 https://access.redhat.com/security/cve/CVE-2021-2072 https://access.redhat.com/security/cve/CVE-2021-2076 https://access.redhat.com/security/cve/CVE-2021-2081 https://access.redhat.com/security/cve/CVE-2021-2087 https://access.redhat.com/security/cve/CVE-2021-2088 https://access.redhat.com/security/cve/CVE-2021-2122 https://access.redhat.com/security/cve/CVE-2021-2146 https://access.redhat.com/security/cve/CVE-2021-2164 https://access.redhat.com/security/cve/CVE-2021-2166 https://access.redhat.com/security/cve/CVE-2021-2169 https://access.redhat.com/security/cve/CVE-2021-2170 https://access.redhat.com/security/cve/CVE-2021-2171 https://access.redhat.com/security/cve/CVE-2021-2172 https://access.redhat.com/security/cve/CVE-2021-2174 https://access.redhat.com/security/cve/CVE-2021-2178 https://access.redhat.com/security/cve/CVE-2021-2179 https://access.redhat.com/security/cve/CVE-2021-2180 https://access.redhat.com/security/cve/CVE-2021-2193 https://access.redhat.com/security/cve/CVE-2021-2194 https://access.redhat.com/security/cve/CVE-2021-2196 https://access.redhat.com/security/cve/CVE-2021-2201 https://access.redhat.com/security/cve/CVE-2021-2202 https://access.redhat.com/security/cve/CVE-2021-2203 https://access.redhat.com/security/cve/CVE-2021-2208 https://access.redhat.com/security/cve/CVE-2021-2212 https://access.redhat.com/security/cve/CVE-2021-2213 https://access.redhat.com/security/cve/CVE-2021-2215 https://access.redhat.com/security/cve/CVE-2021-2217 https://access.redhat.com/security/cve/CVE-2021-2226 https://access.redhat.com/security/cve/CVE-2021-2230 https://access.redhat.com/security/cve/CVE-2021-2232 https://access.redhat.com/security/cve/CVE-2021-2278 https://access.redhat.com/security/cve/CVE-2021-2293 https://access.redhat.com/security/cve/CVE-2021-2298 https://access.redhat.com/security/cve/CVE-2021-2299 https://access.redhat.com/security/cve/CVE-2021-2300 https://access.redhat.com/security/cve/CVE-2021-2301 https://access.redhat.com/security/cve/CVE-2021-2304 https://access.redhat.com/security/cve/CVE-2021-2305 https://access.redhat.com/security/cve/CVE-2021-2307 https://access.redhat.com/security/cve/CVE-2021-2308 https://access.redhat.com/security/cve/CVE-2021-2339 https://access.redhat.com/security/cve/CVE-2021-2340 https://access.redhat.com/security/cve/CVE-2021-2342 https://access.redhat.com/security/cve/CVE-2021-2352 https://access.redhat.com/security/cve/CVE-2021-2354 https://access.redhat.com/security/cve/CVE-2021-2356 https://access.redhat.com/security/cve/CVE-2021-2357 https://access.redhat.com/security/cve/CVE-2021-2367 https://access.redhat.com/security/cve/CVE-2021-2370 https://access.redhat.com/security/cve/CVE-2021-2372 https://access.redhat.com/security/cve/CVE-2021-2374 https://access.redhat.com/security/cve/CVE-2021-2383 https://access.redhat.com/security/cve/CVE-2021-2384 https://access.redhat.com/security/cve/CVE-2021-2385 https://access.redhat.com/security/cve/CVE-2021-2387 https://access.redhat.com/security/cve/CVE-2021-2389 https://access.redhat.com/security/cve/CVE-2021-2390 https://access.redhat.com/security/cve/CVE-2021-2399 https://access.redhat.com/security/cve/CVE-2021-2402 https://access.redhat.com/security/cve/CVE-2021-2410 https://access.redhat.com/security/cve/CVE-2021-2412 https://access.redhat.com/security/cve/CVE-2021-2417 https://access.redhat.com/security/cve/CVE-2021-2418 https://access.redhat.com/security/cve/CVE-2021-2422 https://access.redhat.com/security/cve/CVE-2021-2424 https://access.redhat.com/security/cve/CVE-2021-2425 https://access.redhat.com/security/cve/CVE-2021-2426 https://access.redhat.com/security/cve/CVE-2021-2427 https://access.redhat.com/security/cve/CVE-2021-2429 https://access.redhat.com/security/cve/CVE-2021-2437 https://access.redhat.com/security/cve/CVE-2021-2440 https://access.redhat.com/security/cve/CVE-2021-2441 https://access.redhat.com/security/cve/CVE-2021-2444 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYUmblNzjgjWX9erEAQj26g//bvqaMJCam8AMIh0s5CSAgSEFH4HKj/24 K/uePYzmrrBSwoj8TRnpEs7v74iHk860+cqmIFxDGY8bmi6b9N4gBmc1RaBQ79+6 2BWGXMRUnJB6dfM6jrJ1J2VH5wm1xkp4kPLpsPnNAmBo1iPIGBIwk/Th3Uqi2UGQ 2uYaKlz5iBCfgwfvkAvogdn5Pkpc65sYo6PM+N7J1vVpOmOQnhgeo5ehADxf+XDH 6Q2OYaGj1dIZZib1RTixx09bFb/BByLLZCVDRfnY7kI6YuXRFq65g7P5lxD9jHt+ cKsLlbiDROx95Ip+/EiPBCAuMcLhSUmgoN016BU8THzDiBV4Mu8z8exJpxhSlbry NbWQjTIEgw63H9VLI4e+QXcI/ByEnZ3GHRz5X4deFOBtEBm+iVcUgCcM3jc2qk44 doiKdvaJZ/LhMv6jOa8k9LRAXMZbVrcxjR6KrWIK/93qIvo73x4jWbt6uwmd+P51 iRo0woe7rU/+exAjXKQn7l08LBU0yic7wQdCdWO1dMnMME9pJGO6G15nSfnKMhvC YtPt2yi7wIrgFkqj/x/usvCEUYiJgo1BJRMRVz4JhDkknDfVIx9A+BJkVaAmdEuo WvKKEJ0hWUKqM1MUrpFYEyXnN2isN3L5r6MWN8JgdSbNkfIL1EekdH6CY/M/tuyY izWVKA7zui0= =kq76 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce