-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.3382
        rh-mysql80-mysql security, bug fix, and enhancement update
                              13 October 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           rh-mysql80-mysql
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Access Confidential Data        -- Existing Account      
                   Denial of Service               -- Remote/Unauthenticated
                   Execute Arbitrary Code/Commands -- Existing Account      
                   Modify Arbitrary Files          -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-2444 CVE-2021-2441 CVE-2021-2440
                   CVE-2021-2437 CVE-2021-2429 CVE-2021-2427
                   CVE-2021-2426 CVE-2021-2425 CVE-2021-2424
                   CVE-2021-2422 CVE-2021-2418 CVE-2021-2417
                   CVE-2021-2412 CVE-2021-2410 CVE-2021-2402
                   CVE-2021-2399 CVE-2021-2390 CVE-2021-2389
                   CVE-2021-2387 CVE-2021-2385 CVE-2021-2384
                   CVE-2021-2383 CVE-2021-2374 CVE-2021-2372
                   CVE-2021-2370 CVE-2021-2367 CVE-2021-2357
                   CVE-2021-2356 CVE-2021-2354 CVE-2021-2352
                   CVE-2021-2342 CVE-2021-2340 CVE-2021-2339
                   CVE-2021-2308 CVE-2021-2307 CVE-2021-2305
                   CVE-2021-2304 CVE-2021-2301 CVE-2021-2300
                   CVE-2021-2299 CVE-2021-2298 CVE-2021-2293
                   CVE-2021-2278 CVE-2021-2232 CVE-2021-2230
                   CVE-2021-2226 CVE-2021-2217 CVE-2021-2215
                   CVE-2021-2213 CVE-2021-2212 CVE-2021-2208
                   CVE-2021-2203 CVE-2021-2202 CVE-2021-2201
                   CVE-2021-2196 CVE-2021-2194 CVE-2021-2193
                   CVE-2021-2180 CVE-2021-2179 CVE-2021-2178
                   CVE-2021-2174 CVE-2021-2172 CVE-2021-2171
                   CVE-2021-2170 CVE-2021-2169 CVE-2021-2166
                   CVE-2021-2164 CVE-2021-2146 CVE-2021-2122
                   CVE-2021-2088 CVE-2021-2087 CVE-2021-2081
                   CVE-2021-2076 CVE-2021-2072 CVE-2021-2070
                   CVE-2021-2065 CVE-2021-2061 CVE-2021-2060
                   CVE-2021-2058 CVE-2021-2056 CVE-2021-2055
                   CVE-2021-2048 CVE-2021-2046 CVE-2021-2042
                   CVE-2021-2038 CVE-2021-2036 CVE-2021-2032
                   CVE-2021-2031 CVE-2021-2030 CVE-2021-2028
                   CVE-2021-2024 CVE-2021-2022 CVE-2021-2021
                   CVE-2021-2011 CVE-2021-2010 CVE-2021-2002
                   CVE-2021-2001 CVE-2020-14893 CVE-2020-14891
                   CVE-2020-14888 CVE-2020-14873 CVE-2020-14870
                   CVE-2020-14868 CVE-2020-14867 CVE-2020-14866
                   CVE-2020-14861 CVE-2020-14860 CVE-2020-14852
                   CVE-2020-14848 CVE-2020-14846 CVE-2020-14845
                   CVE-2020-14844 CVE-2020-14839 CVE-2020-14838
                   CVE-2020-14837 CVE-2020-14836 CVE-2020-14830
                   CVE-2020-14829 CVE-2020-14828 CVE-2020-14821
                   CVE-2020-14814 CVE-2020-14812 CVE-2020-14809
                   CVE-2020-14804 CVE-2020-14800 CVE-2020-14794
                   CVE-2020-14793 CVE-2020-14791 CVE-2020-14790
                   CVE-2020-14789 CVE-2020-14786 CVE-2020-14785
                   CVE-2020-14777 CVE-2020-14776 CVE-2020-14775
                   CVE-2020-14773 CVE-2020-14769 CVE-2020-14765
                   CVE-2020-14672  

Reference:         ASB-2021.0163
                   ASB-2021.0152
                   ASB-2021.0100
                   ASB-2021.0083

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2021:3811

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: rh-mysql80-mysql security, bug fix, and enhancement update
Advisory ID:       RHSA-2021:3811-01
Product:           Red Hat Software Collections
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:3811
Issue date:        2021-10-12
CVE Names:         CVE-2020-14672 CVE-2020-14765 CVE-2020-14769 
                   CVE-2020-14773 CVE-2020-14775 CVE-2020-14776 
                   CVE-2020-14777 CVE-2020-14785 CVE-2020-14786 
                   CVE-2020-14789 CVE-2020-14790 CVE-2020-14791 
                   CVE-2020-14793 CVE-2020-14794 CVE-2020-14800 
                   CVE-2020-14804 CVE-2020-14809 CVE-2020-14812 
                   CVE-2020-14814 CVE-2020-14821 CVE-2020-14828 
                   CVE-2020-14829 CVE-2020-14830 CVE-2020-14836 
                   CVE-2020-14837 CVE-2020-14838 CVE-2020-14839 
                   CVE-2020-14844 CVE-2020-14845 CVE-2020-14846 
                   CVE-2020-14848 CVE-2020-14852 CVE-2020-14860 
                   CVE-2020-14861 CVE-2020-14866 CVE-2020-14867 
                   CVE-2020-14868 CVE-2020-14870 CVE-2020-14873 
                   CVE-2020-14888 CVE-2020-14891 CVE-2020-14893 
                   CVE-2021-2001 CVE-2021-2002 CVE-2021-2010 
                   CVE-2021-2011 CVE-2021-2021 CVE-2021-2022 
                   CVE-2021-2024 CVE-2021-2028 CVE-2021-2030 
                   CVE-2021-2031 CVE-2021-2032 CVE-2021-2036 
                   CVE-2021-2038 CVE-2021-2042 CVE-2021-2046 
                   CVE-2021-2048 CVE-2021-2055 CVE-2021-2056 
                   CVE-2021-2058 CVE-2021-2060 CVE-2021-2061 
                   CVE-2021-2065 CVE-2021-2070 CVE-2021-2072 
                   CVE-2021-2076 CVE-2021-2081 CVE-2021-2087 
                   CVE-2021-2088 CVE-2021-2122 CVE-2021-2146 
                   CVE-2021-2164 CVE-2021-2166 CVE-2021-2169 
                   CVE-2021-2170 CVE-2021-2171 CVE-2021-2172 
                   CVE-2021-2174 CVE-2021-2178 CVE-2021-2179 
                   CVE-2021-2180 CVE-2021-2193 CVE-2021-2194 
                   CVE-2021-2196 CVE-2021-2201 CVE-2021-2202 
                   CVE-2021-2203 CVE-2021-2208 CVE-2021-2212 
                   CVE-2021-2213 CVE-2021-2215 CVE-2021-2217 
                   CVE-2021-2226 CVE-2021-2230 CVE-2021-2232 
                   CVE-2021-2278 CVE-2021-2293 CVE-2021-2298 
                   CVE-2021-2299 CVE-2021-2300 CVE-2021-2301 
                   CVE-2021-2304 CVE-2021-2305 CVE-2021-2307 
                   CVE-2021-2308 CVE-2021-2339 CVE-2021-2340 
                   CVE-2021-2342 CVE-2021-2352 CVE-2021-2354 
                   CVE-2021-2356 CVE-2021-2357 CVE-2021-2367 
                   CVE-2021-2370 CVE-2021-2372 CVE-2021-2374 
                   CVE-2021-2383 CVE-2021-2384 CVE-2021-2385 
                   CVE-2021-2387 CVE-2021-2389 CVE-2021-2390 
                   CVE-2021-2399 CVE-2021-2402 CVE-2021-2410 
                   CVE-2021-2412 CVE-2021-2417 CVE-2021-2418 
                   CVE-2021-2422 CVE-2021-2424 CVE-2021-2425 
                   CVE-2021-2426 CVE-2021-2427 CVE-2021-2429 
                   CVE-2021-2437 CVE-2021-2440 CVE-2021-2441 
                   CVE-2021-2444 
=====================================================================

1. Summary:

An update for rh-mysql80-mysql is now available for Red Hat Software
Collections.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon, mysqld, and many client programs. 

The following packages have been upgraded to a later upstream version:
rh-mysql80-mysql (8.0.26). (BZ#2003105)

Security Fix(es):

* mysql: Server: Stored Procedure multiple vulnerabilities (CVE-2020-14672,
CVE-2021-2046, CVE-2021-2072, CVE-2021-2081, CVE-2021-2215, CVE-2021-2217,
CVE-2021-2293, CVE-2021-2304, CVE-2021-2424)

* mysql: Server: FTS multiple vulnerabilities (CVE-2020-14765,
CVE-2020-14789, CVE-2020-14804)

* mysql: Server: Optimizer multiple vulnerabilities (CVE-2020-14769,
CVE-2020-14773, CVE-2020-14777, CVE-2020-14785, CVE-2020-14793,
CVE-2020-14794, CVE-2020-14809, CVE-2020-14830, CVE-2020-14836,
CVE-2020-14837, CVE-2020-14839, CVE-2020-14845, CVE-2020-14846,
CVE-2020-14861, CVE-2020-14866, CVE-2020-14868, CVE-2020-14888,
CVE-2020-14891, CVE-2020-14893, CVE-2021-2001, CVE-2021-2021,
CVE-2021-2024, CVE-2021-2030, CVE-2021-2031, CVE-2021-2036, CVE-2021-2055,
CVE-2021-2060, CVE-2021-2065, CVE-2021-2070, CVE-2021-2076, CVE-2021-2164,
CVE-2021-2169, CVE-2021-2170, CVE-2021-2193, CVE-2021-2203, CVE-2021-2212,
CVE-2021-2213, CVE-2021-2230, CVE-2021-2278, CVE-2021-2298, CVE-2021-2299,
CVE-2021-2342, CVE-2021-2357, CVE-2021-2367, CVE-2021-2383, CVE-2021-2384,
CVE-2021-2387, CVE-2021-2410, CVE-2021-2412, CVE-2021-2418, CVE-2021-2425,
CVE-2021-2426, CVE-2021-2427, CVE-2021-2437, CVE-2021-2441, CVE-2021-2444)

* mysql: InnoDB multiple vulnerabilities (CVE-2020-14775, CVE-2020-14776,
CVE-2020-14821, CVE-2020-14829, CVE-2020-14848, CVE-2021-2022,
CVE-2021-2028, CVE-2021-2048, CVE-2021-2174, CVE-2021-2180, CVE-2021-2194,
CVE-2021-2372, CVE-2021-2374, CVE-2021-2389, CVE-2021-2390, CVE-2021-2429,
CVE-2020-14791, CVE-2021-2042)

* mysql: Server: PS multiple vulnerabilities (CVE-2020-14786,
CVE-2020-14790, CVE-2020-14844, CVE-2021-2422)

* mysql: Server: Security multiple vulnerabilities (CVE-2020-14800,
CVE-2020-14838, CVE-2020-14860)

* mysql: Server: Locking multiple vulnerabilities (CVE-2020-14812,
CVE-2021-2058, CVE-2021-2402)

* mysql: Server: DML multiple vulnerabilities (CVE-2020-14814,
CVE-2020-14828, CVE-2021-2056, CVE-2021-2087, CVE-2021-2088, CVE-2021-2166,
CVE-2021-2172, CVE-2021-2196, CVE-2021-2300, CVE-2021-2305, CVE-2021-2370,
CVE-2021-2440)

* mysql: Server: Charsets unspecified vulnerability (CVE-2020-14852)

* mysql: Server: DDL multiple vulnerabilities (CVE-2020-14867,
CVE-2021-2061, CVE-2021-2122, CVE-2021-2339, CVE-2021-2352, CVE-2021-2399)

* mysql: Server: X Plugin unspecified vulnerability (CVE-2020-14870)

* mysql: Server: Logging unspecified vulnerability (CVE-2020-14873)

* mysql: Server: Replication multiple vulnerabilities (CVE-2021-2002,
CVE-2021-2171, CVE-2021-2178, CVE-2021-2202, CVE-2021-2356, CVE-2021-2385)

* mysql: C API multiple vulnerabilities (CVE-2021-2010, CVE-2021-2011)

* mysql: Server: Components Services unspecified vulnerability
(CVE-2021-2038)

* mysql: Server: Options unspecified vulnerability (CVE-2021-2146)

* mysql: Server: Group Replication Plugin multiple vulnerabilities
(CVE-2021-2179, CVE-2021-2232)

* mysql: Server: Partition multiple vulnerabilities (CVE-2021-2201,
CVE-2021-2208)

* mysql: Server: Information Schema multiple vulnerabilities
(CVE-2021-2032, CVE-2021-2226, CVE-2021-2301, CVE-2021-2308)

* mysql: Server: Packaging unspecified vulnerability (CVE-2021-2307)

* mysql: Server: Federated unspecified vulnerability (CVE-2021-2354)

* mysql: Server: GIS unspecified vulnerability (CVE-2021-2417)

* mysql: Server: Memcached unspecified vulnerability (CVE-2021-2340)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Segfault and possible DoS with a crafted query (BZ#2003100)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MySQL server daemon (mysqld) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1890737 - CVE-2020-14672 mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2020)
1890738 - CVE-2020-14765 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
1890739 - CVE-2020-14769 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890742 - CVE-2020-14773 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890743 - CVE-2020-14776 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890744 - CVE-2020-14777 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890745 - CVE-2020-14785 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890746 - CVE-2020-14786 mysql: Server: PS unspecified vulnerability (CPU Oct 2020)
1890747 - CVE-2020-14789 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
1890748 - CVE-2020-14790 mysql: Server: PS unspecified vulnerability (CPU Oct 2020)
1890749 - CVE-2020-14791 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890750 - CVE-2020-14793 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890751 - CVE-2020-14794 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890753 - CVE-2020-14800 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2020)
1890754 - CVE-2020-14804 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
1890755 - CVE-2020-14809 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890756 - CVE-2020-14812 mysql: Server: Locking unspecified vulnerability (CPU Oct 2020)
1890757 - CVE-2020-14814 mysql: Server: DML unspecified vulnerability (CPU Oct 2020)
1890758 - CVE-2020-14821 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890760 - CVE-2020-14828 mysql: Server: DML unspecified vulnerability (CPU Oct 2020)
1890761 - CVE-2020-14829 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890762 - CVE-2020-14830 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890763 - CVE-2020-14836 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890764 - CVE-2020-14837 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890765 - CVE-2020-14838 mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2020)
1890766 - CVE-2020-14839 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890767 - CVE-2020-14844 mysql: Server: PS unspecified vulnerability (CPU Oct 2020)
1890768 - CVE-2020-14845 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890769 - CVE-2020-14846 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890770 - CVE-2020-14848 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890771 - CVE-2020-14852 mysql: Server: Charsets unspecified vulnerability (CPU Oct 2020)
1890772 - CVE-2020-14860 mysql: Server: Security: Roles unspecified vulnerability (CPU Oct 2020)
1890773 - CVE-2020-14861 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890774 - CVE-2020-14866 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890775 - CVE-2020-14867 mysql: Server: DDL unspecified vulnerability (CPU Oct 2020)
1890776 - CVE-2020-14868 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890778 - CVE-2020-14870 mysql: Server: X Plugin unspecified vulnerability (CPU Oct 2020)
1890779 - CVE-2020-14873 mysql: Server: Logging unspecified vulnerability (CPU Oct 2020)
1890781 - CVE-2020-14888 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890782 - CVE-2020-14891 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890783 - CVE-2020-14893 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890784 - CVE-2020-14775 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1922379 - CVE-2021-2001 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922380 - CVE-2021-2002 mysql: Server: Replication unspecified vulnerability (CPU Jan 2021)
1922383 - CVE-2021-2010 mysql: C API unspecified vulnerability (CPU Jan 2021)
1922384 - CVE-2021-2011 mysql: C API unspecified vulnerability (CPU Jan 2021)
1922388 - CVE-2021-2021 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922389 - CVE-2021-2022 mysql: InnoDB unspecified vulnerability (CPU Jan 2021)
1922390 - CVE-2021-2024 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922391 - CVE-2021-2028 mysql: InnoDB unspecified vulnerability (CPU Jan 2021)
1922392 - CVE-2021-2030 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922393 - CVE-2021-2031 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922394 - CVE-2021-2032 mysql: Information Schema unspecified vulnerability (CPU Jan 2021)
1922395 - CVE-2021-2036 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922396 - CVE-2021-2038 mysql: Server: Components Services unspecified vulnerability (CPU Jan 2021)
1922397 - CVE-2021-2042 mysql: InnoDB unspecified vulnerability (CPU Jan 2021)
1922398 - CVE-2021-2046 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021)
1922399 - CVE-2021-2048 mysql: InnoDB unspecified vulnerability (CPU Jan 2021)
1922400 - CVE-2021-2055 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922401 - CVE-2021-2058 mysql: Server: Locking unspecified vulnerability (CPU Jan 2021)
1922402 - CVE-2021-2060 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922403 - CVE-2021-2061 mysql: Server: DDL unspecified vulnerability (CPU Jan 2021)
1922404 - CVE-2021-2065 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922405 - CVE-2021-2070 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922406 - CVE-2021-2072 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021)
1922407 - CVE-2021-2076 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922408 - CVE-2021-2087 mysql: Server: DML unspecified vulnerability (CPU Jan 2021)
1922410 - CVE-2021-2088 mysql: Server: DML unspecified vulnerability (CPU Jan 2021)
1922411 - CVE-2021-2122 mysql: Server: DDL unspecified vulnerability (CPU Jan 2021)
1922416 - CVE-2021-2081 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021)
1922419 - CVE-2021-2056 mysql: Server: DML unspecified vulnerability (CPU Jan 2021)
1951751 - CVE-2021-2146 mysql: Server: Options unspecified vulnerability (CPU Apr 2021)
1951754 - CVE-2021-2164 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951755 - CVE-2021-2166 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951756 - CVE-2021-2169 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951757 - CVE-2021-2170 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951758 - CVE-2021-2171 mysql: Server: Replication unspecified vulnerability (CPU Apr 2021)
1951759 - CVE-2021-2172 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951760 - CVE-2021-2178 mysql: Server: Replication unspecified vulnerability (CPU Apr 2021)
1951761 - CVE-2021-2179 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2021)
1951762 - CVE-2021-2180 mysql: InnoDB unspecified vulnerability (CPU Apr 2021)
1951763 - CVE-2021-2193 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951764 - CVE-2021-2194 mysql: InnoDB unspecified vulnerability (CPU Apr 2021)
1951765 - CVE-2021-2196 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951766 - CVE-2021-2201 mysql: Server: Partition unspecified vulnerability (CPU Apr 2021)
1951767 - CVE-2021-2202 mysql: Server: Replication unspecified vulnerability (CPU Apr 2021)
1951768 - CVE-2021-2203 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951769 - CVE-2021-2208 mysql: Server: Partition unspecified vulnerability (CPU Apr 2021)
1951770 - CVE-2021-2212 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951771 - CVE-2021-2213 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951772 - CVE-2021-2215 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021)
1951773 - CVE-2021-2217 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021)
1951774 - CVE-2021-2226 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2021)
1951775 - CVE-2021-2230 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951776 - CVE-2021-2232 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2021)
1951777 - CVE-2021-2278 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951778 - CVE-2021-2293 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021)
1951779 - CVE-2021-2298 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951780 - CVE-2021-2299 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951781 - CVE-2021-2300 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951782 - CVE-2021-2301 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2021)
1951783 - CVE-2021-2304 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021)
1951784 - CVE-2021-2305 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951785 - CVE-2021-2307 mysql: Server: Packaging unspecified vulnerability (CPU Apr 2021)
1951786 - CVE-2021-2308 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2021)
1952802 - CVE-2021-2174 mysql: InnoDB unspecified vulnerability (CPU Apr 2021)
1992279 - CVE-2021-2340 mysql: Server: Memcached unspecified vulnerability (CPU Jul 2021)
1992280 - CVE-2021-2339 mysql: Server: DDL unspecified vulnerability (CPU Jul 2021)
1992294 - CVE-2021-2342 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992297 - CVE-2021-2352 mysql: Server: DDL unspecified vulnerability (CPU Jul 2021)
1992298 - CVE-2021-2354 mysql: Server: Federated unspecified vulnerability (CPU Jul 2021)
1992299 - CVE-2021-2356 mysql: Server: Replication unspecified vulnerability (CPU Jul 2021)
1992300 - CVE-2021-2357 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992301 - CVE-2021-2367 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992302 - CVE-2021-2370 mysql: Server: DML unspecified vulnerability (CPU Jul 2021)
1992303 - CVE-2021-2372 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992304 - CVE-2021-2374 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992305 - CVE-2021-2383 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992306 - CVE-2021-2384 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992307 - CVE-2021-2385 mysql: Server: Replication unspecified vulnerability (CPU Jul 2021)
1992308 - CVE-2021-2387 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992309 - CVE-2021-2389 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992310 - CVE-2021-2390 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992311 - CVE-2021-2399 mysql: Server: DDL unspecified vulnerability (CPU Jul 2021)
1992312 - CVE-2021-2402 mysql: Server: Locking unspecified vulnerability (CPU Jul 2021)
1992313 - CVE-2021-2410 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992314 - CVE-2021-2412 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992315 - CVE-2021-2417 mysql: Server: GIS unspecified vulnerability (CPU Jul 2021)
1992316 - CVE-2021-2418 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992317 - CVE-2021-2422 mysql: Server: PS unspecified vulnerability (CPU Jul 2021)
1992318 - CVE-2021-2424 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2021)
1992319 - CVE-2021-2425 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992320 - CVE-2021-2426 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992321 - CVE-2021-2427 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992322 - CVE-2021-2429 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992323 - CVE-2021-2437 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992324 - CVE-2021-2440 mysql: Server: DML unspecified vulnerability (CPU Jul 2021)
1992325 - CVE-2021-2441 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992326 - CVE-2021-2444 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
2003100 - Segfault and possible DoS with a crafted query [rhscl-3] [rhscl-3.7.z]
2003105 - Tracker: MySQL rebase to the latest version (8.0.26) [rhscl-3] [rhscl-3.7.z]

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-mysql80-mysql-8.0.26-1.el7.src.rpm

ppc64le:
rh-mysql80-mysql-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-common-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-config-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-config-syspaths-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-debuginfo-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-devel-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-errmsg-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-server-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-server-syspaths-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-syspaths-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-test-8.0.26-1.el7.ppc64le.rpm

s390x:
rh-mysql80-mysql-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-common-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-config-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-config-syspaths-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-debuginfo-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-devel-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-errmsg-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-server-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-server-syspaths-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-syspaths-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-test-8.0.26-1.el7.s390x.rpm

x86_64:
rh-mysql80-mysql-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-common-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-config-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-config-syspaths-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-debuginfo-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-devel-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-errmsg-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-server-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-server-syspaths-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-syspaths-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-test-8.0.26-1.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
rh-mysql80-mysql-8.0.26-1.el7.src.rpm

ppc64le:
rh-mysql80-mysql-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-common-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-config-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-config-syspaths-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-debuginfo-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-devel-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-errmsg-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-server-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-server-syspaths-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-syspaths-8.0.26-1.el7.ppc64le.rpm
rh-mysql80-mysql-test-8.0.26-1.el7.ppc64le.rpm

s390x:
rh-mysql80-mysql-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-common-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-config-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-config-syspaths-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-debuginfo-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-devel-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-errmsg-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-server-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-server-syspaths-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-syspaths-8.0.26-1.el7.s390x.rpm
rh-mysql80-mysql-test-8.0.26-1.el7.s390x.rpm

x86_64:
rh-mysql80-mysql-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-common-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-config-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-config-syspaths-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-debuginfo-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-devel-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-errmsg-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-server-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-server-syspaths-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-syspaths-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-test-8.0.26-1.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-mysql80-mysql-8.0.26-1.el7.src.rpm

x86_64:
rh-mysql80-mysql-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-common-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-config-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-config-syspaths-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-debuginfo-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-devel-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-errmsg-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-server-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-server-syspaths-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-syspaths-8.0.26-1.el7.x86_64.rpm
rh-mysql80-mysql-test-8.0.26-1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-14672
https://access.redhat.com/security/cve/CVE-2020-14765
https://access.redhat.com/security/cve/CVE-2020-14769
https://access.redhat.com/security/cve/CVE-2020-14773
https://access.redhat.com/security/cve/CVE-2020-14775
https://access.redhat.com/security/cve/CVE-2020-14776
https://access.redhat.com/security/cve/CVE-2020-14777
https://access.redhat.com/security/cve/CVE-2020-14785
https://access.redhat.com/security/cve/CVE-2020-14786
https://access.redhat.com/security/cve/CVE-2020-14789
https://access.redhat.com/security/cve/CVE-2020-14790
https://access.redhat.com/security/cve/CVE-2020-14791
https://access.redhat.com/security/cve/CVE-2020-14793
https://access.redhat.com/security/cve/CVE-2020-14794
https://access.redhat.com/security/cve/CVE-2020-14800
https://access.redhat.com/security/cve/CVE-2020-14804
https://access.redhat.com/security/cve/CVE-2020-14809
https://access.redhat.com/security/cve/CVE-2020-14812
https://access.redhat.com/security/cve/CVE-2020-14814
https://access.redhat.com/security/cve/CVE-2020-14821
https://access.redhat.com/security/cve/CVE-2020-14828
https://access.redhat.com/security/cve/CVE-2020-14829
https://access.redhat.com/security/cve/CVE-2020-14830
https://access.redhat.com/security/cve/CVE-2020-14836
https://access.redhat.com/security/cve/CVE-2020-14837
https://access.redhat.com/security/cve/CVE-2020-14838
https://access.redhat.com/security/cve/CVE-2020-14839
https://access.redhat.com/security/cve/CVE-2020-14844
https://access.redhat.com/security/cve/CVE-2020-14845
https://access.redhat.com/security/cve/CVE-2020-14846
https://access.redhat.com/security/cve/CVE-2020-14848
https://access.redhat.com/security/cve/CVE-2020-14852
https://access.redhat.com/security/cve/CVE-2020-14860
https://access.redhat.com/security/cve/CVE-2020-14861
https://access.redhat.com/security/cve/CVE-2020-14866
https://access.redhat.com/security/cve/CVE-2020-14867
https://access.redhat.com/security/cve/CVE-2020-14868
https://access.redhat.com/security/cve/CVE-2020-14870
https://access.redhat.com/security/cve/CVE-2020-14873
https://access.redhat.com/security/cve/CVE-2020-14888
https://access.redhat.com/security/cve/CVE-2020-14891
https://access.redhat.com/security/cve/CVE-2020-14893
https://access.redhat.com/security/cve/CVE-2021-2001
https://access.redhat.com/security/cve/CVE-2021-2002
https://access.redhat.com/security/cve/CVE-2021-2010
https://access.redhat.com/security/cve/CVE-2021-2011
https://access.redhat.com/security/cve/CVE-2021-2021
https://access.redhat.com/security/cve/CVE-2021-2022
https://access.redhat.com/security/cve/CVE-2021-2024
https://access.redhat.com/security/cve/CVE-2021-2028
https://access.redhat.com/security/cve/CVE-2021-2030
https://access.redhat.com/security/cve/CVE-2021-2031
https://access.redhat.com/security/cve/CVE-2021-2032
https://access.redhat.com/security/cve/CVE-2021-2036
https://access.redhat.com/security/cve/CVE-2021-2038
https://access.redhat.com/security/cve/CVE-2021-2042
https://access.redhat.com/security/cve/CVE-2021-2046
https://access.redhat.com/security/cve/CVE-2021-2048
https://access.redhat.com/security/cve/CVE-2021-2055
https://access.redhat.com/security/cve/CVE-2021-2056
https://access.redhat.com/security/cve/CVE-2021-2058
https://access.redhat.com/security/cve/CVE-2021-2060
https://access.redhat.com/security/cve/CVE-2021-2061
https://access.redhat.com/security/cve/CVE-2021-2065
https://access.redhat.com/security/cve/CVE-2021-2070
https://access.redhat.com/security/cve/CVE-2021-2072
https://access.redhat.com/security/cve/CVE-2021-2076
https://access.redhat.com/security/cve/CVE-2021-2081
https://access.redhat.com/security/cve/CVE-2021-2087
https://access.redhat.com/security/cve/CVE-2021-2088
https://access.redhat.com/security/cve/CVE-2021-2122
https://access.redhat.com/security/cve/CVE-2021-2146
https://access.redhat.com/security/cve/CVE-2021-2164
https://access.redhat.com/security/cve/CVE-2021-2166
https://access.redhat.com/security/cve/CVE-2021-2169
https://access.redhat.com/security/cve/CVE-2021-2170
https://access.redhat.com/security/cve/CVE-2021-2171
https://access.redhat.com/security/cve/CVE-2021-2172
https://access.redhat.com/security/cve/CVE-2021-2174
https://access.redhat.com/security/cve/CVE-2021-2178
https://access.redhat.com/security/cve/CVE-2021-2179
https://access.redhat.com/security/cve/CVE-2021-2180
https://access.redhat.com/security/cve/CVE-2021-2193
https://access.redhat.com/security/cve/CVE-2021-2194
https://access.redhat.com/security/cve/CVE-2021-2196
https://access.redhat.com/security/cve/CVE-2021-2201
https://access.redhat.com/security/cve/CVE-2021-2202
https://access.redhat.com/security/cve/CVE-2021-2203
https://access.redhat.com/security/cve/CVE-2021-2208
https://access.redhat.com/security/cve/CVE-2021-2212
https://access.redhat.com/security/cve/CVE-2021-2213
https://access.redhat.com/security/cve/CVE-2021-2215
https://access.redhat.com/security/cve/CVE-2021-2217
https://access.redhat.com/security/cve/CVE-2021-2226
https://access.redhat.com/security/cve/CVE-2021-2230
https://access.redhat.com/security/cve/CVE-2021-2232
https://access.redhat.com/security/cve/CVE-2021-2278
https://access.redhat.com/security/cve/CVE-2021-2293
https://access.redhat.com/security/cve/CVE-2021-2298
https://access.redhat.com/security/cve/CVE-2021-2299
https://access.redhat.com/security/cve/CVE-2021-2300
https://access.redhat.com/security/cve/CVE-2021-2301
https://access.redhat.com/security/cve/CVE-2021-2304
https://access.redhat.com/security/cve/CVE-2021-2305
https://access.redhat.com/security/cve/CVE-2021-2307
https://access.redhat.com/security/cve/CVE-2021-2308
https://access.redhat.com/security/cve/CVE-2021-2339
https://access.redhat.com/security/cve/CVE-2021-2340
https://access.redhat.com/security/cve/CVE-2021-2342
https://access.redhat.com/security/cve/CVE-2021-2352
https://access.redhat.com/security/cve/CVE-2021-2354
https://access.redhat.com/security/cve/CVE-2021-2356
https://access.redhat.com/security/cve/CVE-2021-2357
https://access.redhat.com/security/cve/CVE-2021-2367
https://access.redhat.com/security/cve/CVE-2021-2370
https://access.redhat.com/security/cve/CVE-2021-2372
https://access.redhat.com/security/cve/CVE-2021-2374
https://access.redhat.com/security/cve/CVE-2021-2383
https://access.redhat.com/security/cve/CVE-2021-2384
https://access.redhat.com/security/cve/CVE-2021-2385
https://access.redhat.com/security/cve/CVE-2021-2387
https://access.redhat.com/security/cve/CVE-2021-2389
https://access.redhat.com/security/cve/CVE-2021-2390
https://access.redhat.com/security/cve/CVE-2021-2399
https://access.redhat.com/security/cve/CVE-2021-2402
https://access.redhat.com/security/cve/CVE-2021-2410
https://access.redhat.com/security/cve/CVE-2021-2412
https://access.redhat.com/security/cve/CVE-2021-2417
https://access.redhat.com/security/cve/CVE-2021-2418
https://access.redhat.com/security/cve/CVE-2021-2422
https://access.redhat.com/security/cve/CVE-2021-2424
https://access.redhat.com/security/cve/CVE-2021-2425
https://access.redhat.com/security/cve/CVE-2021-2426
https://access.redhat.com/security/cve/CVE-2021-2427
https://access.redhat.com/security/cve/CVE-2021-2429
https://access.redhat.com/security/cve/CVE-2021-2437
https://access.redhat.com/security/cve/CVE-2021-2440
https://access.redhat.com/security/cve/CVE-2021-2441
https://access.redhat.com/security/cve/CVE-2021-2444
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYWWX8NzjgjWX9erEAQiP2A/+JvB4LYL4QKYkosS9bbfsgleJ91P++4rf
QNIX/+NcxM95P4PMEfA+DPdwzmuyCZjEvU07QVWOemQMiWPAGWmNN40YXg11x/vh
/gFOkxJq37e87wgzhPIcatihtpHpvB9CXqPIaXo9OiSegxBXepOSMnqgTxY+F0dv
3dgOyk8BABiB7tuLgxwLdeghLRlDH6MqVOZQbehd0X9Zw3Ikq39iigPzRmLELPja
klNcv+5kl6Dndtqijpde2G5Zro7jVBxFNMhat3e+dj4xxALEKAzxTN1/pDmhepSC
ikMrMQ1yyrdnn98OqQRP7aenMb6Cc5VVuuUzbrcs485yanxyU/6G3beKFwqNIRdq
8qVb3ScX5QZu6JG+ASVR+xP6j0A9Wmr8FCbmBGnVvgy/Uv+nH79zcKumNYX2rgW1
XVOWHcPc4dxyE9wgYA7nfafWi9ourpUqDo66xqPGf3XFtsJ0YwsXCCvOYoVi79DJ
e1WB0zcUY3QjC/6ANy1vbHLdJu10QcZAfogoYMlQTvSAnsoBh1waiXSnSyKXGKAS
clxOFoeFpxkXXCaeDLPbudHbM+BaA0lQxW2Bn6e/oW+vUQSKZjsN6bmI091D4Eey
d5eK0SaRdt5ChUgWwQwfeBVKKvr628Eed/c+Olz8y5j7ptxmboOM3mE1dBTeXifP
qWMWvb7zGCg=
=V0CQ
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYWZw2eNLKJtyKPYoAQirew//XkpjplfN1KQ9aUiQiIkHT0UhIcCNZ/Jc
kBAkWG1cvLC7d5jwnCvlFMGHaZIvrRjnMA23V57RjhhhUnP7OBUVJrEL3lC8iDCo
cgxkvWQWtt0/k2VSQ9IW0EReeJYhMpOTz3J58AdEZ7SywfvradxgY94ueiYlZbmZ
JquSwzWFdUI8/iDYUOPf5dZbTYJ5XlCsD2MfXGjO04VDGGL82iBjgr+/+Bkue7dq
oCq29Lci8a85KeJ0yziNPy+E9tZ2fC7dpzXPB71zNHdbF3TDwLo5E4V2uIFAcuoI
GKR9pQHZq5/kPNUUMXtkSsjBXKQBBs+vJC+7IPM8U30Wj4zmMWK1VD38q8VjfJVe
s5u0TU6KjoqevgHJHXuOP28Dp+l0CtoFpxgo3wGrOJ70n9gu9cQRzg25LLbryAQo
uMJ47FYMstoXBm+xdUvX9tA899WwULMY8Gxvxq8AdLQOSMzFBdUANo9TGjsB6/hL
7iXHA2tnWiBWL7rgJ+N5JlX8bcwhQWhrsmfcuVWqTLmycSFpw/KtDLxBr7/PMAKc
hHRzbIVSFM3NpuC+06NPyQCj4o6DlE4MWZowO6xqwzPXWnEl9A1uzM/zdG5PvaNX
ZAuI7A9OiJS+H4qhf5EP5ab8aX/VoDa4vJLbNfrfPUg2bddfU9LGt3ZxYPmvbjyH
OhNbAQBUKto=
=OEqZ
-----END PGP SIGNATURE-----