Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in MySQL
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in MySQL
ID: USN-5400-1
Distribution: Ubuntu
Plattformen: Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 21.10, Ubuntu 22.04 LTS
Datum: Di, 3. Mai 2022, 16:23
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21427
https://www.oracle.com/security-alerts/cpuapr2022.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21478
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21415
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21444
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21438
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21425
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21436
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21459
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21412
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21440
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21460
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-29.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21437
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21413
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21451
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21457
Applikationen: MySQL

Originalnachricht

 
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============8561078448019181347==
Content-Language: en-CA
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="------------yYCU5CHcIWxNZrU0Xjy3tum0"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--------------yYCU5CHcIWxNZrU0Xjy3tum0
Content-Type: multipart/mixed;
 boundary="------------sJxdnDNUSRMLhHdvt2KyO4aS";
 protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: "ubuntu-security-announce@lists.ubuntu.com"
 <ubuntu-security-announce@lists.ubuntu.com>
Message-ID: <9cb0f177-224e-a73e-6906-33c16ca92832@canonical.com>
Subject: [USN-5400-1] MySQL vulnerabilities

--------------sJxdnDNUSRMLhHdvt2KyO4aS
Content-Type: text/plain; charset=UTF-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-5400-1
May 03, 2022

mysql-5.7, mysql-8.0 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in MySQL.

Software Description:
- mysql-8.0: MySQL database
- mysql-5.7: MySQL database

Details:

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and
Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-29.html
https://www.oracle.com/security-alerts/cpuapr2022.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  mysql-server-8.0                8.0.29-0ubuntu0.22.04.1

Ubuntu 21.10:
  mysql-server-8.0                8.0.29-0ubuntu0.21.10.1

Ubuntu 20.04 LTS:
  mysql-server-8.0                8.0.29-0ubuntu0.20.04.2

Ubuntu 18.04 LTS:
  mysql-server-5.7                5.7.38-0ubuntu0.18.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-5400-1
  CVE-2022-21412, CVE-2022-21413, CVE-2022-21414, CVE-2022-21415,
  CVE-2022-21417, CVE-2022-21418, CVE-2022-21423, CVE-2022-21425,
  CVE-2022-21427, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437,
  CVE-2022-21438, CVE-2022-21440, CVE-2022-21444, CVE-2022-21451,
  CVE-2022-21452, CVE-2022-21454, CVE-2022-21457, CVE-2022-21459,
  CVE-2022-21460, CVE-2022-21462, CVE-2022-21478

Package Information:
  https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.29-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.29-0ubuntu0.21.10.1
  https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.29-0ubuntu0.20.04.2
  https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.38-0ubuntu0.18.04.1

--------------sJxdnDNUSRMLhHdvt2KyO4aS--

--------------yYCU5CHcIWxNZrU0Xjy3tum0
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmJxItYACgkQZWnYVadE
vpPqKxAAkj9U4vhDvUYAdedE9eEy9cKk307Lg5KYzpvl6N67wRqgsu2OvoGY/sG1
73jP5ioS1xvJWu0ZxGv80C6s0ZZI2fPVnlzxgW8JOa6ywa3C+XP8jVr58MYW90Id
qSn28O5oOfeaa1GLMn/cfvUVtW3PSGnA8JRHYoAXG9agU9rIpH8E4hnK8o+jr4bF
2DWqRf9LTdGIwdMU1LkvPY6oV+ewKdiV3b/C+SpkjWsl52OruJe3xoguB0RzNm9s
QCclfFWhLJzFoK2ztgU/N+Hdkha+GTav62FxHKW+9h+b+ArwR2+TMlcttPvZEM+D
UH4KHAI+i07ataoSectp1pkV2wA79rNFEoCDlWAsyN9PldYAU9hXnLSNQLuP17CI
9vIHHzwbgzD0Z/5uRvtxa4XDOBLx+2tppHiLx8S8sboHUzoyfq8cwsol4A+UrsRg
9+fiOM4Q0i+euuRDVBCOsChBPw1rbwanxDFWYN9UrQcxgkI3tXN5/ipIfZNxKYIW
o2e/fWUHxezbzV1pjUUa33Zlmkow2e08JrRYkHRa7B7sjqlr3xYpDSjHD+BdY6tm
wUIK1beTe5KmNOVTLG+Lv+i3u9H6jSaSvbCIofFgrDag4rAahBOz8VFCPTDZ0qZw
5XfViFQ+RVxY/Mr32fTZ3VU9GE+3s/CWgb0+3ti6mQGMgohvDeU=
=Jl6g
-----END PGP SIGNATURE-----

--------------yYCU5CHcIWxNZrU0Xjy3tum0--


--===============8561078448019181347==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

Cg==

--===============8561078448019181347==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung