Moderate: mysql security, bug fix, and enhancement update

Topic

An update for mysql is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version: mysql (8.0.30). (BZ#2122589)

Security Fix(es):

• mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479)
• mysql: Server: DML unspecified vulnerability (CPU Apr 2022) (CVE-2022-21413)
• mysql: Server: Replication unspecified vulnerability (CPU Apr 2022) (CVE-2022-21415)
• mysql: InnoDB multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21423)
• mysql: Server: DDL multiple unspecified vulnerabilities (CPU Apr 2022) (CVE-2022-21425, CVE-2022-21444)
• mysql: Server: FTS unspecified vulnerability (CPU Apr 2022) (CVE-2022-21427)
• mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21454)
• mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022) (CVE-2022-21455)
• mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022) (CVE-2022-21457)
• mysql: Server: Logging unspecified vulnerability (CPU Apr 2022) (CVE-2022-21460)
• mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21556, CVE-2022-21569)
• mysql: Server: Options unspecified vulnerability (CPU Jul 2022) (CVE-2022-21515)
• mysql: InnoDB multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21517, CVE-2022-21537, CVE-2022-21539)
• mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CPU Jul 2022) (CVE-2022-21522, CVE-2022-21534)
• mysql: Server: Federated unspecified vulnerability (CPU Jul 2022) (CVE-2022-21547)
• mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022) (CVE-2022-21538)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Default logrotate set to wrong log file (BZ#2122592)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

Affected Products

• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
• Red Hat Enterprise Linux for Power, little endian 9 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
• Red Hat Enterprise Linux for ARM 64 9 aarch64
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
• Red Hat CodeReady Linux Builder for x86_64 9 x86_64
• Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
• Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
• Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
• Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

• BZ - 2082636 - CVE-2022-21412 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082637 - CVE-2022-21413 mysql: Server: DML unspecified vulnerability (CPU Apr 2022)
• BZ - 2082638 - CVE-2022-21414 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082639 - CVE-2022-21415 mysql: Server: Replication unspecified vulnerability (CPU Apr 2022)
• BZ - 2082640 - CVE-2022-21417 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
• BZ - 2082641 - CVE-2022-21418 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
• BZ - 2082642 - CVE-2022-21423 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
• BZ - 2082643 - CVE-2022-21425 mysql: Server: DDL unspecified vulnerability (CPU Apr 2022)
• BZ - 2082644 - CVE-2022-21427 mysql: Server: FTS unspecified vulnerability (CPU Apr 2022)
• BZ - 2082645 - CVE-2022-21435 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082646 - CVE-2022-21436 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082647 - CVE-2022-21437 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082648 - CVE-2022-21438 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082649 - CVE-2022-21440 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082650 - CVE-2022-21444 mysql: Server: DDL unspecified vulnerability (CPU Apr 2022)
• BZ - 2082651 - CVE-2022-21451 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
• BZ - 2082652 - CVE-2022-21452 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082653 - CVE-2022-21454 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2022)
• BZ - 2082654 - CVE-2022-21457 mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022)
• BZ - 2082655 - CVE-2022-21459 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082656 - CVE-2022-21460 mysql: Server: Logging unspecified vulnerability (CPU Apr 2022)
• BZ - 2082657 - CVE-2022-21462 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082658 - CVE-2022-21478 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2082659 - CVE-2022-21479 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
• BZ - 2115282 - CVE-2022-21455 mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022)
• BZ - 2115283 - CVE-2022-21509 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115284 - CVE-2022-21515 mysql: Server: Options unspecified vulnerability (CPU Jul 2022)
• BZ - 2115285 - CVE-2022-21517 mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
• BZ - 2115286 - CVE-2022-21522 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2022)
• BZ - 2115287 - CVE-2022-21525 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115288 - CVE-2022-21526 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115289 - CVE-2022-21527 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115290 - CVE-2022-21528 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115291 - CVE-2022-21529 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115292 - CVE-2022-21530 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115293 - CVE-2022-21531 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115294 - CVE-2022-21534 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2022)
• BZ - 2115295 - CVE-2022-21537 mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
• BZ - 2115296 - CVE-2022-21538 mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022)
• BZ - 2115297 - CVE-2022-21539 mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
• BZ - 2115298 - CVE-2022-21547 mysql: Server: Federated unspecified vulnerability (CPU Jul 2022)
• BZ - 2115299 - CVE-2022-21553 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115300 - CVE-2022-21556 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2115301 - CVE-2022-21569 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
• BZ - 2122589 - [Tracker] Rebase to MySQL 8.0.30 [rhel-9.0.0.z]
• BZ - 2122592 - Default logrotate set to wrong log file [rhel-9.0.0.z]

CVEs

• CVE-2022-21412
• CVE-2022-21413
• CVE-2022-21414
• CVE-2022-21415
• CVE-2022-21417
• CVE-2022-21418
• CVE-2022-21423
• CVE-2022-21425
• CVE-2022-21427
• CVE-2022-21435
• CVE-2022-21436
• CVE-2022-21437
• CVE-2022-21438
• CVE-2022-21440
• CVE-2022-21444
• CVE-2022-21451
• CVE-2022-21452
• CVE-2022-21454
• CVE-2022-21455
• CVE-2022-21457
• CVE-2022-21459
• CVE-2022-21460
• CVE-2022-21462
• CVE-2022-21478
• CVE-2022-21479
• CVE-2022-21509
• CVE-2022-21515
• CVE-2022-21517
• CVE-2022-21522
• CVE-2022-21525
• CVE-2022-21526
• CVE-2022-21527
• CVE-2022-21528
• CVE-2022-21529
• CVE-2022-21530
• CVE-2022-21531
• CVE-2022-21534
• CVE-2022-21537
• CVE-2022-21538
• CVE-2022-21539
• CVE-2022-21547
• CVE-2022-21553
• CVE-2022-21556
• CVE-2022-21569

References

• https://access.redhat.com/security/updates/classification/#moderate