Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2020.3151
mysql:8.0 security update
15 September 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: mysql:8.0
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux Server 8
Red Hat Enterprise Linux WS/Desktop 8
Impact/Access: Modify Arbitrary Files -- Existing Account
Denial of Service -- Remote/Unauthenticated
Access Confidential Data -- Remote/Unauthenticated
Unauthorised Access -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2020-14725 CVE-2020-14702 CVE-2020-14697
CVE-2020-14680 CVE-2020-14678 CVE-2020-14663
CVE-2020-14656 CVE-2020-14654 CVE-2020-14651
CVE-2020-14643 CVE-2020-14641 CVE-2020-14634
CVE-2020-14633 CVE-2020-14632 CVE-2020-14631
CVE-2020-14624 CVE-2020-14623 CVE-2020-14620
CVE-2020-14619 CVE-2020-14614 CVE-2020-14597
CVE-2020-14586 CVE-2020-14576 CVE-2020-14575
CVE-2020-14568 CVE-2020-14567 CVE-2020-14559
CVE-2020-14553 CVE-2020-14550 CVE-2020-14547
CVE-2020-14540 CVE-2020-14539 CVE-2020-2930
CVE-2020-2928 CVE-2020-2926 CVE-2020-2925
CVE-2020-2924 CVE-2020-2923 CVE-2020-2922
CVE-2020-2921 CVE-2020-2904 CVE-2020-2903
CVE-2020-2901 CVE-2020-2898 CVE-2020-2897
CVE-2020-2896 CVE-2020-2895 CVE-2020-2893
CVE-2020-2892 CVE-2020-2853 CVE-2020-2814
CVE-2020-2812 CVE-2020-2804 CVE-2020-2780
CVE-2020-2779 CVE-2020-2774 CVE-2020-2770
CVE-2020-2765 CVE-2020-2763 CVE-2020-2762
CVE-2020-2761 CVE-2020-2760 CVE-2020-2759
CVE-2020-2752 CVE-2020-2694 CVE-2020-2686
CVE-2020-2679 CVE-2020-2660 CVE-2020-2627
CVE-2020-2589 CVE-2020-2588 CVE-2020-2584
CVE-2020-2580 CVE-2020-2579 CVE-2020-2577
CVE-2020-2574 CVE-2020-2573 CVE-2020-2570
CVE-2019-3018 CVE-2019-3011 CVE-2019-3009
CVE-2019-3004 CVE-2019-2998 CVE-2019-2997
CVE-2019-2993 CVE-2019-2991 CVE-2019-2982
CVE-2019-2974 CVE-2019-2968 CVE-2019-2967
CVE-2019-2966 CVE-2019-2963 CVE-2019-2960
CVE-2019-2957 CVE-2019-2946 CVE-2019-2938
CVE-2019-2914 CVE-2019-2911
Reference: ASB-2020.0132
ASB-2020.0087
ESB-2020.2862
ESB-2020.2584
ESB-2020.1583
ESB-2020.1108
Original Bulletin:
https://access.redhat.com/errata/RHSA-2020:3732
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: mysql:8.0 security update
Advisory ID: RHSA-2020:3732-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3732
Issue date: 2020-09-14
CVE Names: CVE-2019-2911 CVE-2019-2914 CVE-2019-2938
CVE-2019-2946 CVE-2019-2957 CVE-2019-2960
CVE-2019-2963 CVE-2019-2966 CVE-2019-2967
CVE-2019-2968 CVE-2019-2974 CVE-2019-2982
CVE-2019-2991 CVE-2019-2993 CVE-2019-2997
CVE-2019-2998 CVE-2019-3004 CVE-2019-3009
CVE-2019-3011 CVE-2019-3018 CVE-2020-2570
CVE-2020-2573 CVE-2020-2574 CVE-2020-2577
CVE-2020-2579 CVE-2020-2580 CVE-2020-2584
CVE-2020-2588 CVE-2020-2589 CVE-2020-2627
CVE-2020-2660 CVE-2020-2679 CVE-2020-2686
CVE-2020-2694 CVE-2020-2752 CVE-2020-2759
CVE-2020-2760 CVE-2020-2761 CVE-2020-2762
CVE-2020-2763 CVE-2020-2765 CVE-2020-2770
CVE-2020-2774 CVE-2020-2779 CVE-2020-2780
CVE-2020-2804 CVE-2020-2812 CVE-2020-2814
CVE-2020-2853 CVE-2020-2892 CVE-2020-2893
CVE-2020-2895 CVE-2020-2896 CVE-2020-2897
CVE-2020-2898 CVE-2020-2901 CVE-2020-2903
CVE-2020-2904 CVE-2020-2921 CVE-2020-2922
CVE-2020-2923 CVE-2020-2924 CVE-2020-2925
CVE-2020-2926 CVE-2020-2928 CVE-2020-2930
CVE-2020-14539 CVE-2020-14540 CVE-2020-14547
CVE-2020-14550 CVE-2020-14553 CVE-2020-14559
CVE-2020-14567 CVE-2020-14568 CVE-2020-14575
CVE-2020-14576 CVE-2020-14586 CVE-2020-14597
CVE-2020-14614 CVE-2020-14619 CVE-2020-14620
CVE-2020-14623 CVE-2020-14624 CVE-2020-14631
CVE-2020-14632 CVE-2020-14633 CVE-2020-14634
CVE-2020-14641 CVE-2020-14643 CVE-2020-14651
CVE-2020-14654 CVE-2020-14656 CVE-2020-14663
CVE-2020-14678 CVE-2020-14680 CVE-2020-14697
CVE-2020-14702 CVE-2020-14725
=====================================================================
1. Summary:
An update for the mysql:8.0 module is now available for Red Hat Enterprise
Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.
The following packages have been upgraded to a later upstream version:
mysql (8.0.21).
Security Fix(es):
* mysql: Server: Security: Privileges multiple unspecified vulnerabilities
(CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761,
CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586,
CVE-2020-14702)
* mysql: Server: Security: Encryption multiple unspecified vulnerabilities
(CVE-2019-2914, CVE-2019-2957)
* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938,
CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589,
CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895,
CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634)
* mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946,
CVE-2020-2925)
* mysql: Server: Replication multiple unspecified vulnerabilities
(CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567)
* mysql: Server: Optimizer multiple unspecified vulnerabilities
(CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991,
CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686,
CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904,
CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539,
CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654,
CVE-2020-14680, CVE-2020-14725)
* mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993,
CVE-2019-3011)
* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997,
CVE-2020-2580)
* mysql: Server: Parser multiple unspecified vulnerabilities
(CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619)
* mysql: Server: Connection unspecified vulnerability (CVE-2019-3009)
* mysql: Server: Options multiple unspecified vulnerabilities
(CVE-2020-2584, CVE-2020-14632)
* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588,
CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620)
* mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752,
CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574)
* mysql: Server: Logging unspecified vulnerability (CVE-2020-2770)
* mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804)
* mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812)
* mysql: Server: Information Schema multiple unspecified vulnerabilities
(CVE-2020-2896, CVE-2020-14559, CVE-2020-2694)
* mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898)
* mysql: Server: Connection Handling unspecified vulnerability
(CVE-2020-2903)
* mysql: Server: Group Replication Plugin unspecified vulnerability
(CVE-2020-2921)
* mysql: Server: Group Replication GCS unspecified vulnerability
(CVE-2020-2926)
* mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553)
* mysql: Server: UDF unspecified vulnerability (CVE-2020-14576)
* mysql: Server: JSON unspecified vulnerability (CVE-2020-14624)
* mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631)
* mysql: Server: Security: Roles multiple unspecified vulnerabilities
(CVE-2020-14641, CVE-2020-14643, CVE-2020-14651)
* mysql: Server: Locking unspecified vulnerability (CVE-2020-14656)
* mysql: Information Schema unspecified vulnerability (CVE-2019-2911)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the MySQL server daemon (mysqld) will be
restarted automatically.
5. Bugs fixed (https://bugzilla.redhat.com/):
1764675 - CVE-2019-2911 mysql: Information Schema unspecified vulnerability (CPU Oct 2019)
1764676 - CVE-2019-2914 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)
1764680 - CVE-2019-2938 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764681 - CVE-2019-2946 mysql: Server: PS unspecified vulnerability (CPU Oct 2019)
1764684 - CVE-2019-2957 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)
1764685 - CVE-2019-2960 mysql: Server: Replication unspecified vulnerability (CPU Oct 2019)
1764686 - CVE-2019-2963 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764687 - CVE-2019-2966 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764688 - CVE-2019-2967 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764689 - CVE-2019-2968 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764691 - CVE-2019-2974 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764692 - CVE-2019-2982 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764693 - CVE-2019-2991 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764694 - CVE-2019-2993 mysql: Server: C API unspecified vulnerability (CPU Oct 2019)
1764695 - CVE-2019-2997 mysql: Server: DDL unspecified vulnerability (CPU Oct 2019)
1764696 - CVE-2019-2998 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1764698 - CVE-2019-3004 mysql: Server: Parser unspecified vulnerability (CPU Oct 2019)
1764699 - CVE-2019-3009 mysql: Server: Connection unspecified vulnerability (CPU Oct 2019)
1764700 - CVE-2019-3011 mysql: Server: C API unspecified vulnerability (CPU Oct 2019)
1764701 - CVE-2019-3018 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1796880 - CVE-2020-2577 mysql: InnoDB unspecified vulnerability (CPU Jan 2020)
1796881 - CVE-2020-2579 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796882 - CVE-2020-2580 mysql: Server: DDL unspecified vulnerability (CPU Jan 2020)
1796883 - CVE-2020-2584 mysql: Server: Options unspecified vulnerability (CPU Jan 2020)
1796884 - CVE-2020-2588 mysql: Server: DML unspecified vulnerability (CPU Jan 2020)
1796885 - CVE-2020-2589 mysql: InnoDB unspecified vulnerability (CPU Jan 2020)
1796886 - CVE-2020-2660 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796887 - CVE-2020-2679 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796888 - CVE-2020-2686 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
1796889 - CVE-2020-2694 mysql: Server: Information Schema unspecified vulnerability (CPU Jan 2020)
1796905 - CVE-2020-2627 mysql: Server: Parser unspecified vulnerability (CPU Jan 2020)
1798559 - CVE-2020-2570 mysql: C API unspecified vulnerability (CPU Jan 2020)
1798576 - CVE-2020-2573 mysql: C API unspecified vulnerability (CPU Jan 2020)
1798587 - CVE-2020-2574 mysql: C API unspecified vulnerability (CPU Jan 2020)
1830048 - CVE-2020-2759 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)
1830049 - CVE-2020-2761 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830050 - CVE-2020-2762 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830051 - CVE-2020-2763 mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)
1830052 - CVE-2020-2765 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830053 - CVE-2020-2770 mysql: Server: Logging unspecified vulnerability (CPU Apr 2020)
1830054 - CVE-2020-2774 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830055 - CVE-2020-2779 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830056 - CVE-2020-2780 mysql: Server: DML unspecified vulnerability (CPU Apr 2020)
1830058 - CVE-2020-2804 mysql: Server: Memcached unspecified vulnerability (CPU Apr 2020)
1830059 - CVE-2020-2812 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020)
1830060 - CVE-2020-2814 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830061 - CVE-2020-2853 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
1830062 - CVE-2020-2892 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830064 - CVE-2020-2893 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830066 - CVE-2020-2895 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830067 - CVE-2020-2896 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2020)
1830068 - CVE-2020-2897 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830069 - CVE-2020-2898 mysql: Server: Charsets unspecified vulnerability (CPU Apr 2020)
1830070 - CVE-2020-2901 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830071 - CVE-2020-2903 mysql: Server: Connection Handling unspecified vulnerability (CPU Apr 2020)
1830072 - CVE-2020-2904 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830073 - CVE-2020-2921 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2020)
1830074 - CVE-2020-2923 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830075 - CVE-2020-2924 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830076 - CVE-2020-2925 mysql: Server: PS unspecified vulnerability (CPU Apr 2020)
1830077 - CVE-2020-2926 mysql: Server: Group Replication GCS unspecified vulnerability (CPU Apr 2020)
1830078 - CVE-2020-2928 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
1830079 - CVE-2020-2930 mysql: Server: Parser unspecified vulnerability (CPU Apr 2020)
1830082 - CVE-2020-2760 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1835849 - CVE-2020-2752 mysql: C API unspecified vulnerability (CPU Apr 2020)
1835850 - CVE-2020-2922 mysql: C API unspecified vulnerability (CPU Apr 2020)
1865945 - CVE-2020-14539 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865947 - CVE-2020-14540 mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
1865948 - CVE-2020-14547 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865949 - CVE-2020-14550 mysql: C API unspecified vulnerability (CPU Jul 2020)
1865950 - CVE-2020-14553 mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2020)
1865951 - CVE-2020-14559 mysql: Server: Information Schema unspecified vulnerability (CPU Jul 2020)
1865952 - CVE-2020-14567 mysql: Server: Replication unspecified vulnerability (CPU Jul 2020)
1865953 - CVE-2020-14568 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865954 - CVE-2020-14575 mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
1865955 - CVE-2020-14576 mysql: Server: UDF unspecified vulnerability (CPU Jul 2020)
1865956 - CVE-2020-14586 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865958 - CVE-2020-14597 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865959 - CVE-2020-14614 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865960 - CVE-2020-14619 mysql: Server: Parser unspecified vulnerability (CPU Jul 2020)
1865961 - CVE-2020-14620 mysql: Server: DML unspecified vulnerability (CPU Jul 2020)
1865962 - CVE-2020-14623 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865963 - CVE-2020-14624 mysql: Server: JSON unspecified vulnerability (CPU Jul 2020)
1865964 - CVE-2020-14631 mysql: Server: Security: Audit unspecified vulnerability (CPU Jul 2020)
1865965 - CVE-2020-14632 mysql: Server: Options unspecified vulnerability (CPU Jul 2020)
1865966 - CVE-2020-14633 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865967 - CVE-2020-14634 mysql: InnoDB unspecified vulnerability (CPU Jul 2020)
1865968 - CVE-2020-14641 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
1865969 - CVE-2020-14643 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
1865970 - CVE-2020-14654 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865971 - CVE-2020-14656 mysql: Server: Locking unspecified vulnerability (CPU Jul 2020)
1865972 - CVE-2020-14663 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865973 - CVE-2020-14678 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865974 - CVE-2020-14680 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865975 - CVE-2020-14697 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865976 - CVE-2020-14702 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
1865977 - CVE-2020-14725 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)
1865982 - CVE-2020-14651 mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)
1874040 - Module stream mysql:8.0 does not have correct module.md file [rhel-8.2.0.z]
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.src.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.src.rpm
mysql-8.0.21-1.module+el8.2.0+7855+47abd494.src.rpm
aarch64:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm
mysql-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-common-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-debugsource-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-devel-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-errmsg-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-libs-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-server-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-test-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.aarch64.rpm
ppc64le:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm
mysql-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-common-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-debugsource-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-devel-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-errmsg-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-libs-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-server-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-test-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.ppc64le.rpm
s390x:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm
mysql-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-common-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-debugsource-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-devel-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-errmsg-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-libs-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-server-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-test-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.s390x.rpm
x86_64:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm
mysql-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-common-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-debugsource-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-devel-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-devel-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-errmsg-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-libs-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-libs-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-server-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-server-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-test-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
mysql-test-debuginfo-8.0.21-1.module+el8.2.0+7855+47abd494.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-2911
https://access.redhat.com/security/cve/CVE-2019-2914
https://access.redhat.com/security/cve/CVE-2019-2938
https://access.redhat.com/security/cve/CVE-2019-2946
https://access.redhat.com/security/cve/CVE-2019-2957
https://access.redhat.com/security/cve/CVE-2019-2960
https://access.redhat.com/security/cve/CVE-2019-2963
https://access.redhat.com/security/cve/CVE-2019-2966
https://access.redhat.com/security/cve/CVE-2019-2967
https://access.redhat.com/security/cve/CVE-2019-2968
https://access.redhat.com/security/cve/CVE-2019-2974
https://access.redhat.com/security/cve/CVE-2019-2982
https://access.redhat.com/security/cve/CVE-2019-2991
https://access.redhat.com/security/cve/CVE-2019-2993
https://access.redhat.com/security/cve/CVE-2019-2997
https://access.redhat.com/security/cve/CVE-2019-2998
https://access.redhat.com/security/cve/CVE-2019-3004
https://access.redhat.com/security/cve/CVE-2019-3009
https://access.redhat.com/security/cve/CVE-2019-3011
https://access.redhat.com/security/cve/CVE-2019-3018
https://access.redhat.com/security/cve/CVE-2020-2570
https://access.redhat.com/security/cve/CVE-2020-2573
https://access.redhat.com/security/cve/CVE-2020-2574
https://access.redhat.com/security/cve/CVE-2020-2577
https://access.redhat.com/security/cve/CVE-2020-2579
https://access.redhat.com/security/cve/CVE-2020-2580
https://access.redhat.com/security/cve/CVE-2020-2584
https://access.redhat.com/security/cve/CVE-2020-2588
https://access.redhat.com/security/cve/CVE-2020-2589
https://access.redhat.com/security/cve/CVE-2020-2627
https://access.redhat.com/security/cve/CVE-2020-2660
https://access.redhat.com/security/cve/CVE-2020-2679
https://access.redhat.com/security/cve/CVE-2020-2686
https://access.redhat.com/security/cve/CVE-2020-2694
https://access.redhat.com/security/cve/CVE-2020-2752
https://access.redhat.com/security/cve/CVE-2020-2759
https://access.redhat.com/security/cve/CVE-2020-2760
https://access.redhat.com/security/cve/CVE-2020-2761
https://access.redhat.com/security/cve/CVE-2020-2762
https://access.redhat.com/security/cve/CVE-2020-2763
https://access.redhat.com/security/cve/CVE-2020-2765
https://access.redhat.com/security/cve/CVE-2020-2770
https://access.redhat.com/security/cve/CVE-2020-2774
https://access.redhat.com/security/cve/CVE-2020-2779
https://access.redhat.com/security/cve/CVE-2020-2780
https://access.redhat.com/security/cve/CVE-2020-2804
https://access.redhat.com/security/cve/CVE-2020-2812
https://access.redhat.com/security/cve/CVE-2020-2814
https://access.redhat.com/security/cve/CVE-2020-2853
https://access.redhat.com/security/cve/CVE-2020-2892
https://access.redhat.com/security/cve/CVE-2020-2893
https://access.redhat.com/security/cve/CVE-2020-2895
https://access.redhat.com/security/cve/CVE-2020-2896
https://access.redhat.com/security/cve/CVE-2020-2897
https://access.redhat.com/security/cve/CVE-2020-2898
https://access.redhat.com/security/cve/CVE-2020-2901
https://access.redhat.com/security/cve/CVE-2020-2903
https://access.redhat.com/security/cve/CVE-2020-2904
https://access.redhat.com/security/cve/CVE-2020-2921
https://access.redhat.com/security/cve/CVE-2020-2922
https://access.redhat.com/security/cve/CVE-2020-2923
https://access.redhat.com/security/cve/CVE-2020-2924
https://access.redhat.com/security/cve/CVE-2020-2925
https://access.redhat.com/security/cve/CVE-2020-2926
https://access.redhat.com/security/cve/CVE-2020-2928
https://access.redhat.com/security/cve/CVE-2020-2930
https://access.redhat.com/security/cve/CVE-2020-14539
https://access.redhat.com/security/cve/CVE-2020-14540
https://access.redhat.com/security/cve/CVE-2020-14547
https://access.redhat.com/security/cve/CVE-2020-14550
https://access.redhat.com/security/cve/CVE-2020-14553
https://access.redhat.com/security/cve/CVE-2020-14559
https://access.redhat.com/security/cve/CVE-2020-14567
https://access.redhat.com/security/cve/CVE-2020-14568
https://access.redhat.com/security/cve/CVE-2020-14575
https://access.redhat.com/security/cve/CVE-2020-14576
https://access.redhat.com/security/cve/CVE-2020-14586
https://access.redhat.com/security/cve/CVE-2020-14597
https://access.redhat.com/security/cve/CVE-2020-14614
https://access.redhat.com/security/cve/CVE-2020-14619
https://access.redhat.com/security/cve/CVE-2020-14620
https://access.redhat.com/security/cve/CVE-2020-14623
https://access.redhat.com/security/cve/CVE-2020-14624
https://access.redhat.com/security/cve/CVE-2020-14631
https://access.redhat.com/security/cve/CVE-2020-14632
https://access.redhat.com/security/cve/CVE-2020-14633
https://access.redhat.com/security/cve/CVE-2020-14634
https://access.redhat.com/security/cve/CVE-2020-14641
https://access.redhat.com/security/cve/CVE-2020-14643
https://access.redhat.com/security/cve/CVE-2020-14651
https://access.redhat.com/security/cve/CVE-2020-14654
https://access.redhat.com/security/cve/CVE-2020-14656
https://access.redhat.com/security/cve/CVE-2020-14663
https://access.redhat.com/security/cve/CVE-2020-14678
https://access.redhat.com/security/cve/CVE-2020-14680
https://access.redhat.com/security/cve/CVE-2020-14697
https://access.redhat.com/security/cve/CVE-2020-14702
https://access.redhat.com/security/cve/CVE-2020-14725
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX19oUNzjgjWX9erEAQifaw/8DTIXqUrqB9JegebbhGZrz6hOg/2qF4k6
HdSLuHG/ol9x2QeQ/4BrJj3z5v6hfWVVe0NpkSkQbev9Qboe6aKXUKO5Lt+E31eG
Ig7poBL0WjvBx7HrI1IJaaP9S1jwo9xOD4Vo8Kz7nS2/3eAn4opPSng7UTkiY5QX
UHm8WBRF0oQZcxKdk4Rpbg/etJ50p1wQJThpSqYyERd0Vz5IOpje/BXEsmpZaE22
PEXBuSnh7XH+MVzkJHMyBRjEMBy+Lz3LM5kkScnyT8sg3cuvL6N5GoYXI993QBNp
/C4hs2YDS/MQnSGL4YEbrasToj3PjPj7lXhfuAvPZ7vtF6xo35lbt3QREe4kn1WT
wfCDIKUE4bRlVU0ayooCp8qU2LYFPsOS6LNWuO6PfuhLdaOw9GqRULzR5wcSAXeQ
3wVCqRmYfXBg4kLnDBm9tnkIBKvGKeTWh1ERA8m0SQ4h44lrVrloDT8lAyl4w8HT
ge9E4w8J9afOioCbd3x27vme5rfrcOaO3VYLbBQysXyED9IV9jAHd5DL4ABxMmrD
6OI376+V1RmVbmWQcT5nXf8ggFjCl+y30b4N0ttKR9jWHH76NaYCwFGd5wxhM5b8
Mc8gJdNgV8A2O5ASoGuL0tV65gMOVGk8AzraABbOwwF+tGWjGu3C3/LPh8eUA1Qy
ohCJYNSMA1Q=
=F0vQ
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBX1/02+NLKJtyKPYoAQgmbw//fiCgbex25URNpRMlypr1ruJkoxWMaW99
cBL8yGVArOjxshhENNB9DIkWqFnQRxey1dUxD7Zw82/QEIosVCcrUDOEvhP53HNr
WsHGNdPg4srE9ER3Bw/r3o61iVfqieLt6DLMKb5qK1IrgJjmv2eGvcSBPuupS1a3
jXpbO9CvEicaJRCfI+LOq/2Srw/9q0Kf9u7hh9ulHFqG6dgsLDu5SrtyEIrf0qDo
w0wfN6Xf/vRTKt1IfG5Z0Slx/y9ITcFexJj4HYtrEHuHHJ+MvTH7Ug8hQL53WB39
NJ+rEzPtu3dgcnXewLhNAtmfEsB5IglYey9vohisRqvP/ksId0f3W4TeTUOCc0MY
M5gd+s2NNs4ZpBz3m8LGYCTApzoMx9FRr2sdI7AWC0h6fqYWasnVXGMl5sLzkBtE
zej0gzmXQPocf2a4O0F37KUqgvy/LpoOPqGqnfjqRLMIC0sVHt40HpEhkkR44a9f
ir/KRnuVgAt540niKNS2HzSH6IuvSNS80QGQFVHTo3C1/RRz8krUAsM4mlKJzv4O
/O79ueCDwhm4CieiWb94e+OSSftI4Pgt9J51IxDJrh67/sZJ5bqMiFVxyScwrEJN
bYcJ+tNqq7R+h+j7JFN5dZiQ5cdYHhBSKWbG4tKSmJgbUktX+0gETjEgd8ljgS8d
stVf82mMvJI=
=846J
-----END PGP SIGNATURE-----