{"id":"RLSA-2022:7119","summary":"Moderate: mysql:8.0 security, bug fix, and enhancement update","details":"MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe following packages have been upgraded to a later upstream version: mysql (8.0.30).\n\nSecurity Fix(es):\n\n* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2021-2478, CVE-2021-2479, CVE-2021-35591, CVE-2021-35607, CVE-2022-21301, CVE-2022-21413)\n\n* mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2021-2481, CVE-2021-35575, CVE-2021-35577, CVE-2021-35610, CVE-2021-35612, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628, CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35638, CVE-2021-35641, CVE-2021-35642, CVE-2021-35643, CVE-2021-35644, CVE-2021-35645, CVE-2021-35646, CVE-2021-35647, CVE-2022-21253, CVE-2022-21254, CVE-2022-21264, CVE-2022-21278, CVE-2022-21297, CVE-2022-21339, CVE-2022-21342, CVE-2022-21351, CVE-2022-21370, CVE-2022-21378, CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21569, CVE-2022-21265)\n\n* mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2021-35546, CVE-2022-21344, CVE-2022-21415)\n\n* mysql: Server: Error Handling unspecified vulnerability (CVE-2021-35596)\n\n* mysql: C API unspecified vulnerability (CVE-2021-35597)\n\n* mysql: Server: Options multiple unspecified vulnerabilities (CVE-2021-35602, CVE-2021-35630, CVE-2022-21515)\n\n* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2021-35604, CVE-2022-21302, CVE-2022-21348, CVE-2022-21352, CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21517, CVE-2022-21537, CVE-2022-21539, CVE-2022-21423)\n\n* mysql: Server: Group Replication Plugin multiple unspecified vulnerabilities (CVE-2021-35608, CVE-2022-21256, CVE-2022-21379, CVE-2022-21454)\n\n* mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2021-35622, CVE-2022-21358, CVE-2022-21372, CVE-2022-21538)\n\n* mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2021-35624, CVE-2022-21245, CVE-2021-35625)\n\n* mysql: Server: GIS unspecified vulnerability (CVE-2021-35631)\n\n* mysql: Server: Data Dictionary unspecified vulnerability (CVE-2021-35632)\n\n* mysql: Server: PS unspecified vulnerability (CVE-2021-35637)\n\n* mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CVE-2021-35639, CVE-2022-21303, CVE-2022-21522, CVE-2022-21534)\n\n* mysql: Server: FTS multiple unspecified vulnerabilities (CVE-2021-35648, CVE-2022-21427)\n\n* mysql: Server: Federated multiple unspecified vulnerabilities (CVE-2022-21270, CVE-2022-21547)\n\n* mysql: Server: Parser unspecified vulnerability (CVE-2022-21304)\n\n* mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2022-21362, CVE-2022-21374)\n\n* mysql: Server: Compiling unspecified vulnerability (CVE-2022-21367)\n\n* mysql: Server: Components Services unspecified vulnerability (CVE-2022-21368)\n\n* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2022-21425, CVE-2022-21444, CVE-2021-35640, CVE-2022-21249)\n\n* mysql: Server: PAM Auth Plugin unspecified vulnerability (CVE-2022-21457)\n\n* mysql: Server: Logging multiple unspecified vulnerabilities (CVE-2022-21460, CVE-2021-35633)\n\n* mysql: Server: Security: Roles unspecified vulnerability (CVE-2021-35623)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Rebuild mecab due to change in the suffix (from .el8 to .el8.0.0) [Rocky Linux-8] (BZ#2110940)","modified":"2026-02-05T06:30:10.250095Z","published":"2022-10-25T07:30:28Z","upstream":["CVE-2021-2478","CVE-2021-2479","CVE-2021-2481","CVE-2021-35546","CVE-2021-35575","CVE-2021-35577","CVE-2021-35591","CVE-2021-35596","CVE-2021-35597","CVE-2021-35602","CVE-2021-35604","CVE-2021-35607","CVE-2021-35608","CVE-2021-35610","CVE-2021-35612","CVE-2021-35622","CVE-2021-35623","CVE-2021-35624","CVE-2021-35625","CVE-2021-35626","CVE-2021-35627","CVE-2021-35628","CVE-2021-35630","CVE-2021-35631","CVE-2021-35632","CVE-2021-35633","CVE-2021-35634","CVE-2021-35635","CVE-2021-35636","CVE-2021-35637","CVE-2021-35638","CVE-2021-35639","CVE-2021-35640","CVE-2021-35641","CVE-2021-35642","CVE-2021-35643","CVE-2021-35644","CVE-2021-35645","CVE-2021-35646","CVE-2021-35647","CVE-2021-35648","CVE-2022-21245","CVE-2022-21249","CVE-2022-21253","CVE-2022-21254","CVE-2022-21256","CVE-2022-21264","CVE-2022-21265","CVE-2022-21270","CVE-2022-21278","CVE-2022-21297","CVE-2022-21301","CVE-2022-21302","CVE-2022-21303","CVE-2022-21304","CVE-2022-21339","CVE-2022-21342","CVE-2022-21344","CVE-2022-21348","CVE-2022-21351","CVE-2022-21352","CVE-2022-21358","CVE-2022-21362","CVE-2022-21367","CVE-2022-21368","CVE-2022-21370","CVE-2022-21372","CVE-2022-21374","CVE-2022-21378","CVE-2022-21379","CVE-2022-21412","CVE-2022-21413","CVE-2022-21414","CVE-2022-21415","CVE-2022-21417","CVE-2022-21418","CVE-2022-21423","CVE-2022-21425","CVE-2022-21427","CVE-2022-21435","CVE-2022-21436","CVE-2022-21437","CVE-2022-21438","CVE-2022-21440","CVE-2022-21444","CVE-2022-21451","CVE-2022-21452","CVE-2022-21454","CVE-2022-21455","CVE-2022-21457","CVE-2022-21459","CVE-2022-21460","CVE-2022-21462","CVE-2022-21478","CVE-2022-21479","CVE-2022-21509","CVE-2022-21515","CVE-2022-21517","CVE-2022-21522","CVE-2022-21525","CVE-2022-21526","CVE-2022-21527","CVE-2022-21528","CVE-2022-21529","CVE-2022-21530","CVE-2022-21531","CVE-2022-21534","CVE-2022-21537","CVE-2022-21538","CVE-2022-21539","CVE-2022-21547","CVE-2022-21553","CVE-2022-21556","CVE-2022-21569","CVE-2022-21592","CVE-2022-21595","CVE-2022-21600","CVE-2022-21605","CVE-2022-21607","CVE-2022-21635","CVE-2022-21638","CVE-2022-21641","CVE-2023-21866","CVE-2023-21872"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2022:7119"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016089"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016090"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016091"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016093"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016094"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016095"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016097"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016098"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016099"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016100"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016101"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016104"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016105"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016106"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016107"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016108"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016109"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016110"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016111"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016112"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016113"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016114"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016117"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016118"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016119"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016120"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016121"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016122"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016124"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016126"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016127"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016128"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016129"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016130"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016131"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016132"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016133"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016134"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016135"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016137"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2016138"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043620"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043621"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043622"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043623"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043624"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043625"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043626"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043627"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043628"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043629"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043630"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043631"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043632"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043633"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043634"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043635"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043636"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043637"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043638"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043639"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043640"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043641"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043642"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043643"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043644"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043645"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043646"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043647"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2043648"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082636"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082637"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082638"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082639"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082640"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082641"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082642"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082643"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082644"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082645"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082646"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082647"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082648"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082649"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082650"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082651"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082652"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082653"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082654"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082655"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082656"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082657"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082658"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082659"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2110940"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115283"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115284"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115285"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115286"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115287"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115288"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115289"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115290"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115291"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115292"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115293"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115294"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115295"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115296"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115297"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115298"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115299"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115301"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122604"}],"affected":[{"package":{"name":"mecab","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mecab?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.996-2.module+el8.6.0+1057+4d6a1721"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7119.json"}},{"package":{"name":"mecab-ipadic","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mecab-ipadic?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.7.0.20070801-16.module+el8.3.0+242+87d3366a"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7119.json"}},{"package":{"name":"mysql","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mysql?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.0.30-1.module+el8.6.0+1057+4d6a1721"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7119.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}