Headline
RHSA-2020:3757: Red Hat Security Advisory: mysql:8.0 security update
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql (8.0.21). Security Fix(es):
- mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586, CVE-2020-14702)
- mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2019-2914, CVE-2019-2957)
- mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938, CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589, CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895, CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634)
- mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946, CVE-2020-2925)
- mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567)
- mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686, CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904, CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539, CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654, CVE-2020-14680, CVE-2020-14725)
- mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993, CVE-2019-3011)
- mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997, CVE-2020-2580)
- mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619)
- mysql: Server: Connection unspecified vulnerability (CVE-2019-3009)
- mysql: Server: Options multiple unspecified vulnerabilities (CVE-2020-2584, CVE-2020-14632)
- mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588, CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620)
- mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752, CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574)
- mysql: Server: Logging unspecified vulnerability (CVE-2020-2770)
- mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804)
- mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812)
- mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2020-2896, CVE-2020-14559, CVE-2020-2694)
- mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898)
- mysql: Server: Connection Handling unspecified vulnerability (CVE-2020-2903)
- mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2020-2921)
- mysql: Server: Group Replication GCS unspecified vulnerability (CVE-2020-2926)
- mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553)
- mysql: Server: UDF unspecified vulnerability (CVE-2020-14576)
- mysql: Server: JSON unspecified vulnerability (CVE-2020-14624)
- mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631)
- mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2020-14641, CVE-2020-14643, CVE-2020-14651)
- mysql: Server: Locking unspecified vulnerability (CVE-2020-14656)
- mysql: Information Schema unspecified vulnerability (CVE-2019-2911) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
- CVE-2019-2911: mysql: Information Schema unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2914: mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2938: mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2946: mysql: Server: PS unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2957: mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2960: mysql: Server: Replication unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2963: mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2966: mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2967: mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2968: mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2974: mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2982: mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2991: mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2993: mysql: Server: C API unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2997: mysql: Server: DDL unspecified vulnerability (CPU Oct 2019)
- CVE-2019-2998: mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
- CVE-2019-3004: mysql: Server: Parser unspecified vulnerability (CPU Oct 2019)
- CVE-2019-3009: mysql: Server: Connection unspecified vulnerability (CPU Oct 2019)
- CVE-2019-3011: mysql: Server: C API unspecified vulnerability (CPU Oct 2019)
- CVE-2019-3018: mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
- CVE-2020-2570: mysql: C API unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2573: mysql: C API unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2574: mysql: C API unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2577: mysql: InnoDB unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2579: mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2580: mysql: Server: DDL unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2584: mysql: Server: Options unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2588: mysql: Server: DML unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2589: mysql: InnoDB unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2627: mysql: Server: Parser unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2660: mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2679: mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2686: mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2694: mysql: Server: Information Schema unspecified vulnerability (CPU Jan 2020)
- CVE-2020-2752: mysql: C API unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2759: mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2760: mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2761: mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2762: mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2763: mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2765: mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2770: mysql: Server: Logging unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2774: mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2779: mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2780: mysql: Server: DML unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2804: mysql: Server: Memcached unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2812: mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2814: mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2853: mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2892: mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2893: mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2895: mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2896: mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2897: mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2898: mysql: Server: Charsets unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2901: mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2903: mysql: Server: Connection Handling unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2904: mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2921: mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2922: mysql: C API unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2923: mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2924: mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2925: mysql: Server: PS unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2926: mysql: Server: Group Replication GCS unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2928: mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
- CVE-2020-2930: mysql: Server: Parser unspecified vulnerability (CPU Apr 2020)
- CVE-2020-14539: mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14540: mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14547: mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14550: mysql: C API unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14553: mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14559: mysql: Server: Information Schema unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14567: mysql: Server: Replication unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14568: mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14575: mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14576: mysql: Server: UDF unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14586: mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14597: mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14614: mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14619: mysql: Server: Parser unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14620: mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14623: mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14624: mysql: Server: JSON unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14631: mysql: Server: Security: Audit unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14632: mysql: Server: Options unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14633: mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14634: mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14641: mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14643: mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14651: mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14654: mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14656: mysql: Server: Locking unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14663: mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14678: mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14680: mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14697: mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14702: mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14725: mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
- CVE-2020-14799: mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2020)
- CVE-2021-1998: mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
- CVE-2021-2006: mysql: C API unspecified vulnerability (CPU Jan 2021)
- CVE-2021-2007: mysql: C API unspecified vulnerability (CPU Jan 2021)
- CVE-2021-2009: mysql: Server: Security: Roles unspecified vulnerability (CPU Jan 2021)
- CVE-2021-2012: mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2021)
- CVE-2021-2016: mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
- CVE-2021-2019: mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2021)
- CVE-2021-2020: mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
- CVE-2021-2144: mysql: Server: Parser unspecified vulnerability (CPU Apr 2021)
- CVE-2021-2160: mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)