Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in MySQL
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in MySQL
ID: USN-4952-1
Distribution: Ubuntu
Plattformen: Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, Ubuntu 21.04
Datum: Mi, 12. Mai 2021, 23:44
Referenzen: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-25.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2171
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2154
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2299
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2217
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2215
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2201
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2203
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-34.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2212
https://www.oracle.com/security-alerts/cpuapr2021.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2298
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2172
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2232
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2301
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2180
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2208
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2230
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2293
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2179
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2170
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2307
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2196
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-24.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2169
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2278
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2194
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2226
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2305
Applikationen: MySQL

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============1192113270593230007==
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="TE3yotv6bToT3W6eZB5Y0MiIdgFe2aaoo"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--TE3yotv6bToT3W6eZB5Y0MiIdgFe2aaoo
Content-Type: multipart/mixed;
boundary="HIaAh0Qun6rj36wJ43p9l59H3Ai0nPByG";
protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: "ubuntu-security-announce@lists.ubuntu.com"
<ubuntu-security-announce@lists.ubuntu.com>
Message-ID: <fcee5633-10c7-feb9-1057-01b00cd63e91@canonical.com>
Subject: [USN-4952-1] MySQL vulnerabilities

--HIaAh0Qun6rj36wJ43p9l59H3Ai0nPByG
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-4952-1
May 12, 2021

mysql-5.7, mysql-8.0 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in MySQL.

Software Description:
- mysql-8.0: MySQL database
- mysql-5.7: MySQL database

Details:

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.25 in Ubuntu 20.04 LTS, Ubuntu 20.10, and
Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.34.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-34.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-24.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-25.html
https://www.oracle.com/security-alerts/cpuapr2021.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
mysql-server-8.0 8.0.25-0ubuntu0.21.04.1

Ubuntu 20.10:
mysql-server-8.0 8.0.25-0ubuntu0.20.10.1

Ubuntu 20.04 LTS:
mysql-server-8.0 8.0.25-0ubuntu0.20.04.1

Ubuntu 18.04 LTS:
mysql-server-5.7 5.7.34-0ubuntu0.18.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://ubuntu.com/security/notices/USN-4952-1
CVE-2021-2146, CVE-2021-2154, CVE-2021-2162, CVE-2021-2164,
CVE-2021-2166, CVE-2021-2169, CVE-2021-2170, CVE-2021-2171,
CVE-2021-2172, CVE-2021-2179, CVE-2021-2180, CVE-2021-2193,
CVE-2021-2194, CVE-2021-2196, CVE-2021-2201, CVE-2021-2203,
CVE-2021-2208, CVE-2021-2212, CVE-2021-2215, CVE-2021-2217,
CVE-2021-2226, CVE-2021-2230, CVE-2021-2232, CVE-2021-2278,
CVE-2021-2293, CVE-2021-2298, CVE-2021-2299, CVE-2021-2300,
CVE-2021-2301, CVE-2021-2304, CVE-2021-2305, CVE-2021-2307,
CVE-2021-2308

Package Information:
https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.25-0ubuntu0.21.04.1
https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.25-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.25-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.34-0ubuntu0.18.04.1


--HIaAh0Qun6rj36wJ43p9l59H3Ai0nPByG--

--TE3yotv6bToT3W6eZB5Y0MiIdgFe2aaoo
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmCcHYsACgkQZWnYVadE
vpPxLQ/+IJPDKV5lmxh/FPPR7fQoEhyKAmzhxMIMq11UbUnyYbjWrtSFx7Jtwh16
fYt4jflWtg+PtSHb2OBl9mdtgz6pVkr4BNuKmNMseh8Sl/O4MIx1zanagtzVe4h0
QLhzthB97zxK5am/0vbsSN4rFQttLOTmEhkHNIn2UhK1ejoRk9rw+kPia5PQbCzM
Nj9/tCCRajcKTocISGHYyzLVKNnQhAjYNTaiE5DY3/AfRUGibt39DnOMhAwnw6TV
xmSBEZ7Doa8VkxuEICckEcae2d42BCGZonyqbzUMVbP46VJQ6vQT/5AHbxPvuecK
AmwVFhNDbAWgu7mzyVdgTYM1WwjjqwzODfGqxqr5l9+oXy7dqN7JE6dRD/QuvoTs
/McMPcWfsqYITARjRD/X9uRIpRVk3dmA+WjU1/zY2ow9lWKit57hHaFYCnLz5Szi
zpaMFuxUfyp10kOVLbcYM1IRKJJd+aKGfgSdPXLDK/9G06VNjfuiVUH3M2FgvBJQ
LdAWuxLKeVu6RR5NjmO6wVsIqZMH+akubjz7eMeliRs9sl3Wyn639hpkLHmN+enz
T+4/vol3rycS8vkT6cwmm/YotcuVdhextz1GkhlylbHdMZEcKqU7RzrPIBBJJ7bp
Kwmrk4UeOUPfu0H1bc+UL5VVw7iZXqibPrw+ar0geIdp1Ydk2oQ=
=Hq/H
-----END PGP SIGNATURE-----

--TE3yotv6bToT3W6eZB5Y0MiIdgFe2aaoo--


--===============1192113270593230007==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============1192113270593230007==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung