Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2020.3151 mysql:8.0 security update 15 September 2020 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: mysql:8.0 Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 8 Red Hat Enterprise Linux WS/Desktop 8 Impact/Access: Modify Arbitrary Files -- Existing Account Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Unauthorised Access -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2020-14725 CVE-2020-14702 CVE-2020-14697 CVE-2020-14680 CVE-2020-14678 CVE-2020-14663 CVE-2020-14656 CVE-2020-14654 CVE-2020-14651 CVE-2020-14643 CVE-2020-14641 CVE-2020-14634 CVE-2020-14633 CVE-2020-14632 CVE-2020-14631 CVE-2020-14624 CVE-2020-14623 CVE-2020-14620 CVE-2020-14619 CVE-2020-14614 CVE-2020-14597 CVE-2020-14586 CVE-2020-14576 CVE-2020-14575 CVE-2020-14568 CVE-2020-14567 CVE-2020-14559 CVE-2020-14553 CVE-2020-14550 CVE-2020-14547 CVE-2020-14540 CVE-2020-14539 CVE-2020-2930 CVE-2020-2928 CVE-2020-2926 CVE-2020-2925 CVE-2020-2924 CVE-2020-2923 CVE-2020-2922 CVE-2020-2921 CVE-2020-2904 CVE-2020-2903 CVE-2020-2901 CVE-2020-2898 CVE-2020-2897 CVE-2020-2896 CVE-2020-2895 CVE-2020-2893 CVE-2020-2892 CVE-2020-2853 CVE-2020-2814 CVE-2020-2812 CVE-2020-2804 CVE-2020-2780 CVE-2020-2779 CVE-2020-2774 CVE-2020-2770 CVE-2020-2765 CVE-2020-2763 CVE-2020-2762 CVE-2020-2761 CVE-2020-2760 CVE-2020-2759 CVE-2020-2752 CVE-2020-2694 CVE-2020-2686 CVE-2020-2679 CVE-2020-2660 CVE-2020-2627 CVE-2020-2589 CVE-2020-2588 CVE-2020-2584 CVE-2020-2580 CVE-2020-2579 CVE-2020-2577 CVE-2020-2574 CVE-2020-2573 CVE-2020-2570 CVE-2019-3018 CVE-2019-3011 CVE-2019-3009 CVE-2019-3004 CVE-2019-2998 CVE-2019-2997 CVE-2019-2993 CVE-2019-2991 CVE-2019-2982 CVE-2019-2974 CVE-2019-2968 CVE-2019-2967 CVE-2019-2966 CVE-2019-2963 CVE-2019-2960 CVE-2019-2957 CVE-2019-2946 CVE-2019-2938 CVE-2019-2914 CVE-2019-2911 Reference: ASB-2020.0132 ASB-2020.0087 ESB-2020.2862 ESB-2020.2584 ESB-2020.1583 ESB-2020.1108 Original Bulletin: https://access.redhat.com/errata/RHSA-2020:3732 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: mysql:8.0 security update Advisory ID: RHSA-2020:3732-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3732 Issue date: 2020-09-14 CVE Names: CVE-2019-2911 CVE-2019-2914 CVE-2019-2938 CVE-2019-2946 CVE-2019-2957 CVE-2019-2960 CVE-2019-2963 CVE-2019-2966 CVE-2019-2967 CVE-2019-2968 CVE-2019-2974 CVE-2019-2982 CVE-2019-2991 CVE-2019-2993 CVE-2019-2997 CVE-2019-2998 CVE-2019-3004 CVE-2019-3009 CVE-2019-3011 CVE-2019-3018 CVE-2020-2570 CVE-2020-2573 CVE-2020-2574 CVE-2020-2577 CVE-2020-2579 CVE-2020-2580 CVE-2020-2584 CVE-2020-2588 CVE-2020-2589 CVE-2020-2627 CVE-2020-2660 CVE-2020-2679 CVE-2020-2686 CVE-2020-2694 CVE-2020-2752 CVE-2020-2759 CVE-2020-2760 CVE-2020-2761 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2770 CVE-2020-2774 CVE-2020-2779 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2814 CVE-2020-2853 CVE-2020-2892 CVE-2020-2893 CVE-2020-2895 CVE-2020-2896 CVE-2020-2897 CVE-2020-2898 CVE-2020-2901 CVE-2020-2903 CVE-2020-2904 CVE-2020-2921 CVE-2020-2922 CVE-2020-2923 CVE-2020-2924 CVE-2020-2925 CVE-2020-2926 CVE-2020-2928 CVE-2020-2930 CVE-2020-14539 CVE-2020-14540 CVE-2020-14547 CVE-2020-14550 CVE-2020-14553 CVE-2020-14559 CVE-2020-14567 CVE-2020-14568 CVE-2020-14575 CVE-2020-14576 CVE-2020-14586 CVE-2020-14597 CVE-2020-14614 CVE-2020-14619 CVE-2020-14620 CVE-2020-14623 CVE-2020-14624 CVE-2020-14631 CVE-2020-14632 CVE-2020-14633 CVE-2020-14634 CVE-2020-14641 CVE-2020-14643 CVE-2020-14651 CVE-2020-14654 CVE-2020-14656 CVE-2020-14663 CVE-2020-14678 CVE-2020-14680 CVE-2020-14697 CVE-2020-14702 CVE-2020-14725 ===================================================================== 1. Summary: An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql (8.0.21). Security Fix(es): * mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586, CVE-2020-14702) * mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2019-2914, CVE-2019-2957) * mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938, CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589, CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895, CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634) * mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946, CVE-2020-2925) * mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567) * mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686, CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904, CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539, CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654, CVE-2020-14680, CVE-2020-14725) * mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993, CVE-2019-3011) * mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997, CVE-2020-2580) * mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619) * mysql: Server: Connection unspecified vulnerability (CVE-2019-3009) * mysql: Server: Options multiple unspecified vulnerabilities (CVE-2020-2584, CVE-2020-14632) * mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588, CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620) * mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752, CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574) * mysql: Server: Logging unspecified vulnerability (CVE-2020-2770) * mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804) * mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812) * mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2020-2896, CVE-2020-14559, CVE-2020-2694) * mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898) * mysql: Server: Connection Handling unspecified vulnerability (CVE-2020-2903) * mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2020-2921) * mysql: Server: Group Replication GCS unspecified vulnerability (CVE-2020-2926) * mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553) * mysql: Server: UDF unspecified vulnerability (CVE-2020-14576) * mysql: Server: JSON unspecified vulnerability (CVE-2020-14624) * mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631) * mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2020-14641, CVE-2020-14643, CVE-2020-14651) * mysql: Server: Locking unspecified vulnerability (CVE-2020-14656) * mysql: Information Schema unspecified vulnerability (CVE-2019-2911) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1764675 - CVE-2019-2911 mysql: Information Schema unspecified vulnerability (CPU Oct 2019) 1764676 - CVE-2019-2914 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019) 1764680 - CVE-2019-2938 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) 1764681 - CVE-2019-2946 mysql: Server: PS unspecified vulnerability (CPU Oct 2019) 1764684 - CVE-2019-2957 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019) 1764685 - CVE-2019-2960 mysql: Server: Replication unspecified vulnerability (CPU Oct 2019) 1764686 - CVE-2019-2963 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) 1764687 - CVE-2019-2966 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) 1764688 - CVE-2019-2967 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) 1764689 - CVE-2019-2968 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) 1764691 - CVE-2019-2974 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) 1764692 - CVE-2019-2982 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) 1764693 - CVE-2019-2991 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) 1764694 - CVE-2019-2993 mysql: Server: C API unspecified vulnerability (CPU Oct 2019) 1764695 - CVE-2019-2997 mysql: Server: DDL unspecified vulnerability (CPU Oct 2019) 1764696 - CVE-2019-2998 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) 1764698 - CVE-2019-3004 mysql: Server: Parser unspecified vulnerability (CPU Oct 2019) 1764699 - CVE-2019-3009 mysql: Server: Connection unspecified vulnerability (CPU Oct 2019) 1764700 - CVE-2019-3011 mysql: Server: C API unspecified vulnerability (CPU Oct 2019) 1764701 - CVE-2019-3018 mysql: InnoDB unspecified vulnerability (CPU Oct 2019) 1796880 - CVE-2020-2577 mysql: InnoDB unspecified vulnerability (CPU Jan 2020) 1796881 - CVE-2020-2579 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020) 1796882 - CVE-2020-2580 mysql: Server: DDL unspecified vulnerability (CPU Jan 2020) 1796883 - CVE-2020-2584 mysql: Server: Options unspecified vulnerability (CPU Jan 2020) 1796884 - CVE-2020-2588 mysql: Server: DML unspecified vulnerability (CPU Jan 2020) 1796885 - CVE-2020-2589 mysql: InnoDB unspecified vulnerability (CPU Jan 2020) 1796886 - CVE-2020-2660 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020) 1796887 - CVE-2020-2679 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020) 1796888 - CVE-2020-2686 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020) 1796889 - CVE-2020-2694 mysql: Server: Information Schema unspecified vulnerability (CPU Jan 2020) 1796905 - CVE-2020-2627 mysql: Server: Parser unspecified vulnerability (CPU Jan 2020) 1798559 - CVE-2020-2570 mysql: C API unspecified vulnerability (CPU Jan 2020) 1798576 - CVE-2020-2573 mysql: C API unspecified vulnerability (CPU Jan 2020) 1798587 - CVE-2020-2574 mysql: C API unspecified vulnerability (CPU Jan 2020) 1830048 - CVE-2020-2759 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020) 1830049 - CVE-2020-2761 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020) 1830050 - CVE-2020-2762 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) 1830051 - CVE-2020-2763 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020) 1830052 - CVE-2020-2765 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) 1830053 - CVE-2020-2770 mysql: Server: Logging unspecified vulnerability (CPU Apr 2020) 1830054 - CVE-2020-2774 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020) 1830055 - CVE-2020-2779 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020) 1830056 - CVE-2020-2780 mysql: Server: DML unspecified vulnerability (CPU Apr 2020) 1830058 - CVE-2020-2804 mysql: Server: Memcached unspecified vulnerability (CPU Apr 2020) 1830059 - CVE-2020-2812 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020) 1830060 - CVE-2020-2814 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) 1830061 - CVE-2020-2853 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020) 1830062 - CVE-2020-2892 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) 1830064 - CVE-2020-2893 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) 1830066 - CVE-2020-2895 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) 1830067 - CVE-2020-2896 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2020) 1830068 - CVE-2020-2897 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) 1830069 - CVE-2020-2898 mysql: Server: Charsets unspecified vulnerability (CPU Apr 2020) 1830070 - CVE-2020-2901 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) 1830071 - CVE-2020-2903 mysql: Server: Connection Handling unspecified vulnerability (CPU Apr 2020) 1830072 - CVE-2020-2904 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) 1830073 - CVE-2020-2921 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2020) 1830074 - CVE-2020-2923 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) 1830075 - CVE-2020-2924 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) 1830076 - CVE-2020-2925 mysql: Server: PS unspecified vulnerability (CPU Apr 2020) 1830077 - CVE-2020-2926 mysql: Server: Group Replication GCS unspecified vulnerability (CPU Apr 2020) 1830078 - CVE-2020-2928 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020) 1830079 - CVE-2020-2930 mysql: Server: Parser unspecified vulnerability (CPU Apr 2020) 1830082 - CVE-2020-2760 mysql: InnoDB unspecified vulnerability (CPU Apr 2020) 1835849 - CVE-2020-2752 mysql: C API unspecified vulnerability (CPU Apr 2020) 1835850 - CVE-2020-2922 mysql: C API unspecified vulnerability (CPU Apr 2020) 1865945 - CVE-2020-14539 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) 1865947 - CVE-2020-14540 mysql: Server: DML unspecified vulnerability (CPU Jul 2020) 1865948 - CVE-2020-14547 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) 1865949 - CVE-2020-14550 mysql: C API unspecified vulnerability (CPU Jul 2020) 1865950 - CVE-2020-14553 mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2020) 1865951 - CVE-2020-14559 mysql: Server: Information Schema unspecified vulnerability (CPU Jul 2020) 1865952 - CVE-2020-14567 mysql: Server: Replication unspecified vulnerability (CPU Jul 2020) 1865953 - CVE-2020-14568 mysql: InnoDB unspecified vulnerability (CPU Jul 2020) 1865954 - CVE-2020-14575 mysql: Server: DML unspecified vulnerability (CPU Jul 2020) 1865955 - CVE-2020-14576 mysql: Server: UDF unspecified vulnerability (CPU Jul 2020) 1865956 - CVE-2020-14586 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) 1865958 - CVE-2020-14597 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) 1865959 - CVE-2020-14614 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) 1865960 - CVE-2020-14619 mysql: Server: Parser unspecified vulnerability (CPU Jul 2020) 1865961 - CVE-2020-14620 mysql: Server: DML unspecified vulnerability (CPU Jul 2020) 1865962 - CVE-2020-14623 mysql: InnoDB unspecified vulnerability (CPU Jul 2020) 1865963 - CVE-2020-14624 mysql: Server: JSON unspecified vulnerability (CPU Jul 2020) 1865964 - CVE-2020-14631 mysql: Server: Security: Audit unspecified vulnerability (CPU Jul 2020) 1865965 - CVE-2020-14632 mysql: Server: Options unspecified vulnerability (CPU Jul 2020) 1865966 - CVE-2020-14633 mysql: InnoDB unspecified vulnerability (CPU Jul 2020) 1865967 - CVE-2020-14634 mysql: InnoDB unspecified vulnerability (CPU Jul 2020) 1865968 - CVE-2020-14641 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020) 1865969 - CVE-2020-14643 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020) 1865970 - CVE-2020-14654 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) 1865971 - CVE-2020-14656 mysql: Server: Locking unspecified vulnerability (CPU Jul 2020) 1865972 - CVE-2020-14663 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) 1865973 - CVE-2020-14678 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) 1865974 - CVE-2020-14680 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) 1865975 - CVE-2020-14697 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) 1865976 - CVE-2020-14702 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020) 1865977 - CVE-2020-14725 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020) 1865982 - CVE-2020-14651 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020) 1874040 - Module stream mysql:8.0 does not have correct module.md file [rhel-8.2.0.z] 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.src.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.src.rpm mysql-8.0.21-1.module+el8.2.0+7855+47abd494.src.rpm aarch64: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm mysql-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-common-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-debugsource-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-devel-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-devel-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-errmsg-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-libs-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-libs-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-server-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-server-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-test-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm mysql-test-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm ppc64le: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm mysql-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-common-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-debugsource-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-devel-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-devel-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-errmsg-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-libs-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-libs-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-server-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-server-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-test-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm mysql-test-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm s390x: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm mysql-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-common-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-debugsource-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-devel-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-devel-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-errmsg-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-libs-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-libs-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-server-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-server-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-test-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm mysql-test-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm x86_64: mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm mysql-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-common-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-debugsource-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-devel-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-devel-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-errmsg-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-libs-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-libs-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-server-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-server-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-test-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm mysql-test-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-2911 https://access.redhat.com/security/cve/CVE-2019-2914 https://access.redhat.com/security/cve/CVE-2019-2938 https://access.redhat.com/security/cve/CVE-2019-2946 https://access.redhat.com/security/cve/CVE-2019-2957 https://access.redhat.com/security/cve/CVE-2019-2960 https://access.redhat.com/security/cve/CVE-2019-2963 https://access.redhat.com/security/cve/CVE-2019-2966 https://access.redhat.com/security/cve/CVE-2019-2967 https://access.redhat.com/security/cve/CVE-2019-2968 https://access.redhat.com/security/cve/CVE-2019-2974 https://access.redhat.com/security/cve/CVE-2019-2982 https://access.redhat.com/security/cve/CVE-2019-2991 https://access.redhat.com/security/cve/CVE-2019-2993 https://access.redhat.com/security/cve/CVE-2019-2997 https://access.redhat.com/security/cve/CVE-2019-2998 https://access.redhat.com/security/cve/CVE-2019-3004 https://access.redhat.com/security/cve/CVE-2019-3009 https://access.redhat.com/security/cve/CVE-2019-3011 https://access.redhat.com/security/cve/CVE-2019-3018 https://access.redhat.com/security/cve/CVE-2020-2570 https://access.redhat.com/security/cve/CVE-2020-2573 https://access.redhat.com/security/cve/CVE-2020-2574 https://access.redhat.com/security/cve/CVE-2020-2577 https://access.redhat.com/security/cve/CVE-2020-2579 https://access.redhat.com/security/cve/CVE-2020-2580 https://access.redhat.com/security/cve/CVE-2020-2584 https://access.redhat.com/security/cve/CVE-2020-2588 https://access.redhat.com/security/cve/CVE-2020-2589 https://access.redhat.com/security/cve/CVE-2020-2627 https://access.redhat.com/security/cve/CVE-2020-2660 https://access.redhat.com/security/cve/CVE-2020-2679 https://access.redhat.com/security/cve/CVE-2020-2686 https://access.redhat.com/security/cve/CVE-2020-2694 https://access.redhat.com/security/cve/CVE-2020-2752 https://access.redhat.com/security/cve/CVE-2020-2759 https://access.redhat.com/security/cve/CVE-2020-2760 https://access.redhat.com/security/cve/CVE-2020-2761 https://access.redhat.com/security/cve/CVE-2020-2762 https://access.redhat.com/security/cve/CVE-2020-2763 https://access.redhat.com/security/cve/CVE-2020-2765 https://access.redhat.com/security/cve/CVE-2020-2770 https://access.redhat.com/security/cve/CVE-2020-2774 https://access.redhat.com/security/cve/CVE-2020-2779 https://access.redhat.com/security/cve/CVE-2020-2780 https://access.redhat.com/security/cve/CVE-2020-2804 https://access.redhat.com/security/cve/CVE-2020-2812 https://access.redhat.com/security/cve/CVE-2020-2814 https://access.redhat.com/security/cve/CVE-2020-2853 https://access.redhat.com/security/cve/CVE-2020-2892 https://access.redhat.com/security/cve/CVE-2020-2893 https://access.redhat.com/security/cve/CVE-2020-2895 https://access.redhat.com/security/cve/CVE-2020-2896 https://access.redhat.com/security/cve/CVE-2020-2897 https://access.redhat.com/security/cve/CVE-2020-2898 https://access.redhat.com/security/cve/CVE-2020-2901 https://access.redhat.com/security/cve/CVE-2020-2903 https://access.redhat.com/security/cve/CVE-2020-2904 https://access.redhat.com/security/cve/CVE-2020-2921 https://access.redhat.com/security/cve/CVE-2020-2922 https://access.redhat.com/security/cve/CVE-2020-2923 https://access.redhat.com/security/cve/CVE-2020-2924 https://access.redhat.com/security/cve/CVE-2020-2925 https://access.redhat.com/security/cve/CVE-2020-2926 https://access.redhat.com/security/cve/CVE-2020-2928 https://access.redhat.com/security/cve/CVE-2020-2930 https://access.redhat.com/security/cve/CVE-2020-14539 https://access.redhat.com/security/cve/CVE-2020-14540 https://access.redhat.com/security/cve/CVE-2020-14547 https://access.redhat.com/security/cve/CVE-2020-14550 https://access.redhat.com/security/cve/CVE-2020-14553 https://access.redhat.com/security/cve/CVE-2020-14559 https://access.redhat.com/security/cve/CVE-2020-14567 https://access.redhat.com/security/cve/CVE-2020-14568 https://access.redhat.com/security/cve/CVE-2020-14575 https://access.redhat.com/security/cve/CVE-2020-14576 https://access.redhat.com/security/cve/CVE-2020-14586 https://access.redhat.com/security/cve/CVE-2020-14597 https://access.redhat.com/security/cve/CVE-2020-14614 https://access.redhat.com/security/cve/CVE-2020-14619 https://access.redhat.com/security/cve/CVE-2020-14620 https://access.redhat.com/security/cve/CVE-2020-14623 https://access.redhat.com/security/cve/CVE-2020-14624 https://access.redhat.com/security/cve/CVE-2020-14631 https://access.redhat.com/security/cve/CVE-2020-14632 https://access.redhat.com/security/cve/CVE-2020-14633 https://access.redhat.com/security/cve/CVE-2020-14634 https://access.redhat.com/security/cve/CVE-2020-14641 https://access.redhat.com/security/cve/CVE-2020-14643 https://access.redhat.com/security/cve/CVE-2020-14651 https://access.redhat.com/security/cve/CVE-2020-14654 https://access.redhat.com/security/cve/CVE-2020-14656 https://access.redhat.com/security/cve/CVE-2020-14663 https://access.redhat.com/security/cve/CVE-2020-14678 https://access.redhat.com/security/cve/CVE-2020-14680 https://access.redhat.com/security/cve/CVE-2020-14697 https://access.redhat.com/security/cve/CVE-2020-14702 https://access.redhat.com/security/cve/CVE-2020-14725 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX19oUNzjgjWX9erEAQifaw/8DTIXqUrqB9JegebbhGZrz6hOg/2qF4k6 HdSLuHG/ol9x2QeQ/4BrJj3z5v6hfWVVe0NpkSkQbev9Qboe6aKXUKO5Lt+E31eG Ig7poBL0WjvBx7HrI1IJaaP9S1jwo9xOD4Vo8Kz7nS2/3eAn4opPSng7UTkiY5QX UHm8WBRF0oQZcxKdk4Rpbg/etJ50p1wQJThpSqYyERd0Vz5IOpje/BXEsmpZaE22 PEXBuSnh7XH+MVzkJHMyBRjEMBy+Lz3LM5kkScnyT8sg3cuvL6N5GoYXI993QBNp /C4hs2YDS/MQnSGL4YEbrasToj3PjPj7lXhfuAvPZ7vtF6xo35lbt3QREe4kn1WT wfCDIKUE4bRlVU0ayooCp8qU2LYFPsOS6LNWuO6PfuhLdaOw9GqRULzR5wcSAXeQ 3wVCqRmYfXBg4kLnDBm9tnkIBKvGKeTWh1ERA8m0SQ4h44lrVrloDT8lAyl4w8HT ge9E4w8J9afOioCbd3x27vme5rfrcOaO3VYLbBQysXyED9IV9jAHd5DL4ABxMmrD 6OI376+V1RmVbmWQcT5nXf8ggFjCl+y30b4N0ttKR9jWHH76NaYCwFGd5wxhM5b8 Mc8gJdNgV8A2O5ASoGuL0tV65gMOVGk8AzraABbOwwF+tGWjGu3C3/LPh8eUA1Qy ohCJYNSMA1Q= =F0vQ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBX1/02+NLKJtyKPYoAQgmbw//fiCgbex25URNpRMlypr1ruJkoxWMaW99 cBL8yGVArOjxshhENNB9DIkWqFnQRxey1dUxD7Zw82/QEIosVCcrUDOEvhP53HNr WsHGNdPg4srE9ER3Bw/r3o61iVfqieLt6DLMKb5qK1IrgJjmv2eGvcSBPuupS1a3 jXpbO9CvEicaJRCfI+LOq/2Srw/9q0Kf9u7hh9ulHFqG6dgsLDu5SrtyEIrf0qDo w0wfN6Xf/vRTKt1IfG5Z0Slx/y9ITcFexJj4HYtrEHuHHJ+MvTH7Ug8hQL53WB39 NJ+rEzPtu3dgcnXewLhNAtmfEsB5IglYey9vohisRqvP/ksId0f3W4TeTUOCc0MY M5gd+s2NNs4ZpBz3m8LGYCTApzoMx9FRr2sdI7AWC0h6fqYWasnVXGMl5sLzkBtE zej0gzmXQPocf2a4O0F37KUqgvy/LpoOPqGqnfjqRLMIC0sVHt40HpEhkkR44a9f ir/KRnuVgAt540niKNS2HzSH6IuvSNS80QGQFVHTo3C1/RRz8krUAsM4mlKJzv4O /O79ueCDwhm4CieiWb94e+OSSftI4Pgt9J51IxDJrh67/sZJ5bqMiFVxyScwrEJN bYcJ+tNqq7R+h+j7JFN5dZiQ5cdYHhBSKWbG4tKSmJgbUktX+0gETjEgd8ljgS8d stVf82mMvJI= =846J -----END PGP SIGNATURE-----