{"id":"RLSA-2020:3732","summary":"Important: mysql:8.0 security update","details":"MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe following packages have been upgraded to a later upstream version: mysql (8.0.21).\n\nSecurity Fix(es):\n\n* mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586, CVE-2020-14702)\n\n* mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2019-2914, CVE-2019-2957)\n\n* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938, CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589, CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895, CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634)\n\n* mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946, CVE-2020-2925)\n\n* mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567)\n\n* mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686, CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904, CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539, CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654, CVE-2020-14680, CVE-2020-14725)\n\n* mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993, CVE-2019-3011)\n\n* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997, CVE-2020-2580)\n\n* mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619)\n\n* mysql: Server: Connection unspecified vulnerability (CVE-2019-3009)\n\n* mysql: Server: Options multiple unspecified vulnerabilities (CVE-2020-2584, CVE-2020-14632)\n\n* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588, CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620)\n\n* mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752, CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574)\n\n* mysql: Server: Logging unspecified vulnerability (CVE-2020-2770)\n\n* mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804)\n\n* mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812)\n\n* mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2020-2896, CVE-2020-14559, CVE-2020-2694)\n\n* mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898)\n\n* mysql: Server: Connection Handling unspecified vulnerability (CVE-2020-2903)\n\n* mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2020-2921)\n\n* mysql: Server: Group Replication GCS unspecified vulnerability (CVE-2020-2926)\n\n* mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553)\n\n* mysql: Server: UDF unspecified vulnerability (CVE-2020-14576)\n\n* mysql: Server: JSON unspecified vulnerability (CVE-2020-14624)\n\n* mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631)\n\n* mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2020-14641, CVE-2020-14643, CVE-2020-14651)\n\n* mysql: Server: Locking unspecified vulnerability (CVE-2020-14656)\n\n* mysql: Information Schema unspecified vulnerability (CVE-2019-2911)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-02-04T08:45:14.282598Z","published":"2020-09-14T12:23:24Z","upstream":["CVE-2019-2911","CVE-2019-2914","CVE-2019-2938","CVE-2019-2946","CVE-2019-2957","CVE-2019-2960","CVE-2019-2963","CVE-2019-2966","CVE-2019-2967","CVE-2019-2968","CVE-2019-2974","CVE-2019-2982","CVE-2019-2991","CVE-2019-2993","CVE-2019-2997","CVE-2019-2998","CVE-2019-3004","CVE-2019-3009","CVE-2019-3011","CVE-2019-3018","CVE-2020-14539","CVE-2020-14540","CVE-2020-14547","CVE-2020-14550","CVE-2020-14553","CVE-2020-14559","CVE-2020-14567","CVE-2020-14568","CVE-2020-14575","CVE-2020-14576","CVE-2020-14586","CVE-2020-14597","CVE-2020-14614","CVE-2020-14619","CVE-2020-14620","CVE-2020-14623","CVE-2020-14624","CVE-2020-14631","CVE-2020-14632","CVE-2020-14633","CVE-2020-14634","CVE-2020-14641","CVE-2020-14643","CVE-2020-14651","CVE-2020-14654","CVE-2020-14656","CVE-2020-14663","CVE-2020-14678","CVE-2020-14680","CVE-2020-14697","CVE-2020-14702","CVE-2020-14725","CVE-2020-14799","CVE-2020-2570","CVE-2020-2573","CVE-2020-2574","CVE-2020-2577","CVE-2020-2579","CVE-2020-2580","CVE-2020-2584","CVE-2020-2588","CVE-2020-2589","CVE-2020-2627","CVE-2020-2660","CVE-2020-2679","CVE-2020-2686","CVE-2020-2694","CVE-2020-2752","CVE-2020-2759","CVE-2020-2760","CVE-2020-2761","CVE-2020-2762","CVE-2020-2763","CVE-2020-2765","CVE-2020-2770","CVE-2020-2774","CVE-2020-2779","CVE-2020-2780","CVE-2020-2804","CVE-2020-2812","CVE-2020-2814","CVE-2020-2853","CVE-2020-2892","CVE-2020-2893","CVE-2020-2895","CVE-2020-2896","CVE-2020-2897","CVE-2020-2898","CVE-2020-2901","CVE-2020-2903","CVE-2020-2904","CVE-2020-2921","CVE-2020-2922","CVE-2020-2923","CVE-2020-2924","CVE-2020-2925","CVE-2020-2926","CVE-2020-2928","CVE-2020-2930","CVE-2021-1998","CVE-2021-2006","CVE-2021-2007","CVE-2021-2009","CVE-2021-2012","CVE-2021-2016","CVE-2021-2019","CVE-2021-2020","CVE-2021-2144","CVE-2021-2160"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2020:3732"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764675"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764676"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764680"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764681"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764684"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764685"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764686"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764687"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764688"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764689"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764691"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764692"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764693"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764694"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764695"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764696"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764698"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764699"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764700"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764701"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796880"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796881"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796882"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796883"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796884"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796885"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796886"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796887"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796888"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796889"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796905"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798559"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798576"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798587"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830048"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830049"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830050"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830051"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830052"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830053"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830054"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830055"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830056"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830058"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830059"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830060"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830061"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830062"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830064"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830066"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830067"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830068"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830069"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830070"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830071"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830072"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830073"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830074"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830075"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830076"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830077"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830078"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830079"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1830082"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1835849"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1835850"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865945"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865947"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865948"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865949"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865950"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865951"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865952"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865953"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865954"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865955"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865956"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865958"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865959"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865960"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865961"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865962"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865963"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865964"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865965"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865966"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865967"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865968"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865969"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865970"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865971"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865972"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865973"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865974"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865975"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865976"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865977"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1865982"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1874040"}],"affected":[{"package":{"name":"mecab","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mecab?distro=rocky-linux-8-4-legacy&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.996-1.module+el8.3.0+242+87d3366a.9"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2020:3732.json"}},{"package":{"name":"mecab-ipadic","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mecab-ipadic?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.7.0.20070801-16.module+el8.3.0+242+87d3366a"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2020:3732.json"}},{"package":{"name":"mysql","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mysql?distro=rocky-linux-8-4-legacy&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.0.21-1.module+el8.3.0+242+87d3366a"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2020:3732.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}