This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8088367648575954830== Content-Language: en-CA Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------28pYe4jgSkj0vxaX2M3tCQFA"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------28pYe4jgSkj0vxaX2M3tCQFA Content-Type: multipart/mixed; boundary="------------Yv0Pq3UHnCb0dt2jn08TpWK5"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <da9abc81-f2fe-4bc6-934a-48529f0f7b16@canonical.com> Subject: [USN-6823-1] MySQL vulnerabilities
--------------Yv0Pq3UHnCb0dt2jn08TpWK5 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-6823-1 June 11, 2024
mysql-8.0 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS - Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in MySQL.
Software Description: - mysql-8.0: MySQL database
Details:
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.37 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10, and Ubuntu 24.04 LTS.
In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-37.html https://www.oracle.com/security-alerts/cpuapr2024.html
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04 LTS mysql-server-8.0 8.0.37-0ubuntu0.24.04.1
Ubuntu 23.10 mysql-server-8.0 8.0.37-0ubuntu0.23.10.2
Ubuntu 22.04 LTS mysql-server-8.0 8.0.37-0ubuntu0.22.04.3
Ubuntu 20.04 LTS mysql-server-8.0 8.0.37-0ubuntu0.20.04.3
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6823-1 CVE-2024-20994, CVE-2024-20998, CVE-2024-21000, CVE-2024-21008, CVE-2024-21009, CVE-2024-21013, CVE-2024-21047, CVE-2024-21054, CVE-2024-21060, CVE-2024-21062, CVE-2024-21069, CVE-2024-21087, CVE-2024-21096, CVE-2024-21102
Package Information: https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.37-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.37-0ubuntu0.23.10.2 https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.37-0ubuntu0.22.04.3 https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.37-0ubuntu0.20.04.3
--------------Yv0Pq3UHnCb0dt2jn08TpWK5--
--------------28pYe4jgSkj0vxaX2M3tCQFA Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmZoWUEACgkQZWnYVadE vpOgmQ/8Cfu25X2K6W1dxg2KFfc7RrDIc/+dVPA1vdHgJTTtjLDkM+/fhD7/GsjE 3TAn2O3AeQscWNbkvq2/wRA135r24H0yD2cC70vGeBIYq+F2HYzufOOANVAkSsfM bNvCz+IPOPB75btjepQMyEKPcqH83+qBbzEZ4DYJjwIEYT/lw+szFEhF8pSRkQoc OPPZIOedeY8LJSQXRXTOOxl6WNHb+g5MhJ2XmgRVrdrxgw3PGNSJ8H6qxYA4Z986 Ip7LxnbYWSoUX7pUMVP2vleJTK8KIS3wQ17GKsoyHTCbcetLVVvsxkEvwo0IPQWt jkX6PpdIvFwVljKvleOUFnoZbQaXdUeA1geI4JkWR98C7wFFdJSS7nYkWDDBNtiP 4z5U51yjQH/VnloC4gNLZH1XKVji59CgaX6kAUh3rknfOSD6s03NW1dD9viqldyU bZ2nSFe3tIOcwnu4wGue0WnGnI+94rerFestVFTjCVAMM38aoSRnRmODUDDgDd6u OpulaV/61+UWcXpH7PQTAMK4btjAIRED4+ns/OV2/e8txk2KXavnCEViJENU5Eb9 qyurO/vx1mQtZbnyx2CnhYkVTpf/VKD4Z+jB3N7s+hV3xbz3NHqwqV0pFy5MBwKU Mr68oxvxX1TIpN+ssLcNTqg8112LW39pOZ7baoGY/2wcIc0RwVw= =Szzw -----END PGP SIGNATURE-----
--------------28pYe4jgSkj0vxaX2M3tCQFA--
--===============8088367648575954830== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============8088367648575954830==--
|