{"id":"USN-4651-1","summary":"mysql-8.0 vulnerabilities","details":"Tom Reynolds discovered that due to a packaging error, the MySQL X Plugin\nwas listening to all network interfaces by default, contrary to\nexpectations.\n\nThis update changes the default MySQL configuration to bind the MySQL X\nPlugin to localhost only. This change may impact environments where the\nMySQL X Plugin needs to be accessible from the network. The\nmysqlx-bind-address setting in the /etc/mysql/mysql.conf.d/mysqld.cnf file\ncan be modified to allow network access.\n","modified":"2026-04-22T10:10:11.813022Z","published":"2020-11-30T12:40:14Z","references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4651-1"},{"type":"REPORT","url":"https://launchpad.net/bugs/1857584"}],"affected":[{"package":{"name":"mysql-8.0","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/mysql-8.0@8.0.22-0ubuntu0.20.04.3?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.22-0ubuntu0.20.04.3"}]}],"versions":["8.0.17-0ubuntu2","8.0.17-0ubuntu3","8.0.18-0ubuntu3","8.0.18-0ubuntu4","8.0.18-0ubuntu5","8.0.19-0ubuntu2","8.0.19-0ubuntu3","8.0.19-0ubuntu4","8.0.19-0ubuntu5","8.0.20-0ubuntu0.20.04.1","8.0.21-0ubuntu0.20.04.3","8.0.21-0ubuntu0.20.04.4","8.0.22-0ubuntu0.20.04.2"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"libmysqlclient21","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-client","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-client-8.0","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-client-core-8.0","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-router","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-server","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-server-8.0","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-server-core-8.0","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-source-8.0","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-testsuite","binary_version":"8.0.22-0ubuntu0.20.04.3"},{"binary_name":"mysql-testsuite-8.0","binary_version":"8.0.22-0ubuntu0.20.04.3"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4651-1.json"}}],"schema_version":"1.7.5"}