Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in MySQL
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in MySQL
ID: USN-5270-1
Distribution: Ubuntu
Plattformen: Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 21.10
Datum: Do, 3. Februar 2022, 22:59
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21303
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21301
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21302
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21372
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21368
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21253
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21348
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21358
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21265
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21256
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21370
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21344
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21264
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-28.html
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-37.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21362
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21270
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21342
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21339
https://www.oracle.com/security-alerts/cpujan2022.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21249
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21367
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21351
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21245
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21254
Applikationen: MySQL

Originalnachricht

 
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============0484698244936624654==
Content-Language: en-CA
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="------------erEjydFcGgTyLFImyghtskWM"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--------------erEjydFcGgTyLFImyghtskWM
Content-Type: multipart/mixed;
 boundary="------------sl0rvaAJgVoVEU9k0q4Va6Ph";
 protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: "ubuntu-security-announce@lists.ubuntu.com"
 <ubuntu-security-announce@lists.ubuntu.com>
Message-ID: <f2d838d6-796c-d745-e7af-b39772679076@canonical.com>
Subject: [USN-5270-1] MySQL vulnerabilities

--------------sl0rvaAJgVoVEU9k0q4Va6Ph
Content-Type: text/plain; charset=UTF-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-5270-1
February 03, 2022

mysql-5.7, mysql-8.0 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in MySQL.

Software Description:
- mysql-8.0: MySQL database
- mysql-5.7: MySQL database

Details:

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.28 in Ubuntu 20.04 LTS and Ubuntu 21.10.
Ubuntu 18.04 LTS has been updated to MySQL 5.7.37.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-37.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-28.html
https://www.oracle.com/security-alerts/cpujan2022.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.10:
  mysql-server-8.0                8.0.28-0ubuntu0.21.10.3

Ubuntu 20.04 LTS:
  mysql-server-8.0                8.0.28-0ubuntu0.20.04.3

Ubuntu 18.04 LTS:
  mysql-server-5.7                5.7.37-0ubuntu0.18.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-5270-1
  CVE-2022-21245, CVE-2022-21249, CVE-2022-21253, CVE-2022-21254,
  CVE-2022-21256, CVE-2022-21264, CVE-2022-21265, CVE-2022-21270,
  CVE-2022-21301, CVE-2022-21302, CVE-2022-21303, CVE-2022-21304,
  CVE-2022-21339, CVE-2022-21342, CVE-2022-21344, CVE-2022-21348,
  CVE-2022-21351, CVE-2022-21358, CVE-2022-21362, CVE-2022-21367,
  CVE-2022-21368, CVE-2022-21370, CVE-2022-21372, CVE-2022-21374,
  CVE-2022-21378, CVE-2022-21379

Package Information:
  https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.28-0ubuntu0.21.10.3
  https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.28-0ubuntu0.20.04.3
  https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.37-0ubuntu0.18.04.1

--------------sl0rvaAJgVoVEU9k0q4Va6Ph--

--------------erEjydFcGgTyLFImyghtskWM
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmH71m4ACgkQZWnYVadE
vpN/hxAAupRSWJqt/CfiAvafe0ecBKJvGfl+aliNQm0Lzk+VLIe3yaqTnw6sh+3B
wmIsj/Pwj/a1o6cwmiDuK0ckNWzMfKYgdvHwSryJKv4Q9JKhMPcc4VVkYyHsA6Vb
9920bfWlZvgapr9Q0K3fhROEModEg1AFYfGArU1cvxZFpTbsPkM6CbSco2sLur/z
yJMBtFDpJt4n6497n+Wsk8+VSilTks8+R4LvXEtjmAZ8XSw6zo+rss+r6+1uFaK+
KkVLneD96W0qN0JwfBvoaDIcREyNk/BLmu76yFc/N+UoADv1gNPNCDNcEOyKiMmx
JEc+A7oowL7AoHOh3kwGuVTeIenwfgIJrR8wqVqMmK8R7/Yg2JpKWR5aMymtwvwE
OWyisTm4Zup+aX39U5RB+VZV1eV94mhF3wA/H1JuvycR94ZMQrXE4bMMKVIeput5
8LWIr2Ur581kcr4BcTup5fmTbfvjjI0IE50GkjWPPIysae6mLDIV/zHIPED43OQe
xRIj1+Gk6svryUSvoXx5gLsK28CaAQYBdrCpxByzeYU8CUw0oYv3p95Mr4Gci0i7
BRnrNznrsWIqhgm/gV8CLa4rNwPd0gseLM+mkPgWAuOy7WnXCwJYIWnch0XpfsWL
w40GlN4R4cMHc5nHa8N2YHIxbQb4k4B7N6AzQWC891kqb7OGxbM=
=kPOC
-----END PGP SIGNATURE-----

--------------erEjydFcGgTyLFImyghtskWM--


--===============0484698244936624654==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============0484698244936624654==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung