[Apollo] Advisories Statistics light light Login

RLSA-2025:1673

Security Mirrored from RHSA-2025:1673
Issued at: 2025-02-26
Updated at: 2025-02-26

Synopsis

Important: mysql:8.0 security update



Description

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

Security Fix(es):

* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)

* krb5: GSS message token handling (CVE-2024-37371)

* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)

* mysql: Thread Pooling unspecified vulnerability (CPU Oct 2024) (CVE-2024-21238)

* mysql: X Plugin unspecified vulnerability (CPU Oct 2024) (CVE-2024-21196)

* mysql: Optimizer unspecified vulnerability (CPU Oct 2024) (CVE-2024-21241)

* mysql: Client programs unspecified vulnerability (CPU Oct 2024) (CVE-2024-21231)

* mysql: Information Schema unspecified vulnerability (CPU Oct 2024) (CVE-2024-21197)

* mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21218)

* mysql: Optimizer unspecified vulnerability (CPU Oct 2024) (CVE-2024-21201)

* mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21236)

* mysql: Group Replication GCS unspecified vulnerability (CPU Oct 2024) (CVE-2024-21237)

* mysql: FTS unspecified vulnerability (CPU Oct 2024) (CVE-2024-21203)

* mysql: Health Monitor unspecified vulnerability (CPU Oct 2024) (CVE-2024-21212)

* mysql: DML unspecified vulnerability (CPU Oct 2024) (CVE-2024-21219)

* mysql: Optimizer unspecified vulnerability (CPU Oct 2024) (CVE-2024-21230)

* mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21213)

* mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21194)

* mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21199)

* mysql: PS unspecified vulnerability (CPU Oct 2024) (CVE-2024-21193)

* mysql: DDL unspecified vulnerability (CPU Oct 2024) (CVE-2024-21198)

* mysql: mysqldump unspecified vulnerability (CPU Oct 2024) (CVE-2024-21247)

* mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21239)

* curl: curl netrc password leak (CVE-2024-11053)

* mysql: InnoDB unspecified vulnerability (CPU Jan 2025) (CVE-2025-21497)

* mysql: MySQL Server Options Vulnerability (CVE-2025-21520)

* mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490)

* mysql: Information Schema unspecified vulnerability (CPU Jan 2025) (CVE-2025-21529)

* mysql: InnoDB unspecified vulnerability (CPU Jan 2025) (CVE-2025-21531)

* mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21504)

* mysql: Privileges unspecified vulnerability (CPU Jan 2025) (CVE-2025-21540)

* mysql: MySQL Server InnoDB Denial of Service and Unauthorized Data Modification Vulnerability (CVE-2025-21555)

* mysql: Packaging unspecified vulnerability (CPU Jan 2025) (CVE-2025-21543)

* mysql: MySQL Server InnoDB Denial of Service and Unauthorized Data Modification Vulnerability (CVE-2025-21491)

* mysql: DDL unspecified vulnerability (CPU Jan 2025) (CVE-2025-21525)

* mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21536)

* mysql: Thread Pooling unspecified vulnerability (CPU Jan 2025) (CVE-2025-21521)

* mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21501)

* mysql: Performance Schema unspecified vulnerability (CPU Jan 2025) (CVE-2025-21534)

* mysql: Privileges unspecified vulnerability (CPU Jan 2025) (CVE-2025-21494)

* mysql: Privileges unspecified vulnerability (CPU Jan 2025) (CVE-2025-21519)

* mysql: Parser unspecified vulnerability (CPU Jan 2025) (CVE-2025-21522)

* mysql: InnoDB unspecified vulnerability (CPU Jan 2025) (CVE-2025-21503)

* mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21518)

* mysql: MySQL Server InnoDB Denial of Service and Unauthorized Data Modification Vulnerability (CVE-2025-21559)

* mysql: Privilege Misuse in MySQL Server Security Component (CVE-2025-21546)

* mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21500)

* mysql: InnoDB unspecified vulnerability (CPU Jan 2025) (CVE-2025-21523)

* mysql: Components Services unspecified vulnerability (CPU Jan 2025) (CVE-2025-21505)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2294581 2294676 2301888 2318857 2318858 2318870 2318873 2318874 2318876 2318882 2318883 2318884 2318885 2318886 2318897 2318900 2318905 2318914 2318922 2318923 2318925 2318926 2318927 2331191 2339218 2339220 2339221 2339226 2339231 2339236 2339238 2339243 2339247 2339252 2339259 2339266 2339270 2339271 2339275 2339277 2339281 2339284 2339291 2339293 2339295 2339299 2339300 2339304 2339305

CVEs

CVE-2024-11053 CVE-2024-21193 CVE-2024-21194 CVE-2024-21196 CVE-2024-21197 CVE-2024-21198 CVE-2024-21199 CVE-2024-21201 CVE-2024-21203 CVE-2024-21212 CVE-2024-21213 CVE-2024-21218 CVE-2024-21219 CVE-2024-21230 CVE-2024-21231 CVE-2024-21236 CVE-2024-21237 CVE-2024-21238 CVE-2024-21239 CVE-2024-21241 CVE-2024-21247 CVE-2024-37371 CVE-2024-5535 CVE-2024-7264 CVE-2025-21490 CVE-2025-21491 CVE-2025-21494 CVE-2025-21497 CVE-2025-21500 CVE-2025-21501 CVE-2025-21503 CVE-2025-21504 CVE-2025-21505 CVE-2025-21518 CVE-2025-21519 CVE-2025-21520 CVE-2025-21521 CVE-2025-21522 CVE-2025-21523 CVE-2025-21525 CVE-2025-21529 CVE-2025-21531 CVE-2025-21534 CVE-2025-21536 CVE-2025-21540 CVE-2025-21543 CVE-2025-21546 CVE-2025-21555 CVE-2025-21559

Affected packages

Rocky Linux 8 aarch64 - AppStream

mecab-0:0.996-2.module+el8.10.0+1676+9b4b6e24.aarch64.rpm mecab-0:0.996-2.module+el8.10.0+1676+9b4b6e24.src.rpm mecab-debuginfo-0:0.996-2.module+el8.10.0+1676+9b4b6e24.aarch64.rpm mecab-debugsource-0:0.996-2.module+el8.10.0+1676+9b4b6e24.aarch64.rpm mecab-devel-0:0.996-2.module+el8.10.0+1676+9b4b6e24.aarch64.rpm mecab-ipadic-0:2.7.0.20070801-17.module+el8.10.0+1937+28fbbc83.aarch64.rpm mecab-ipadic-0:2.7.0.20070801-17.module+el8.10.0+1937+28fbbc83.src.rpm mecab-ipadic-EUCJP-0:2.7.0.20070801-17.module+el8.10.0+1937+28fbbc83.aarch64.rpm mysql-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.src.rpm mysql-common-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-debugsource-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-devel-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-devel-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-errmsg-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-libs-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-libs-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-server-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-server-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-test-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm mysql-test-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

mecab-0:0.996-2.module+el8.10.0+1676+9b4b6e24.src.rpm mecab-0:0.996-2.module+el8.10.0+1676+9b4b6e24.x86_64.rpm mecab-debuginfo-0:0.996-2.module+el8.10.0+1676+9b4b6e24.x86_64.rpm mecab-debugsource-0:0.996-2.module+el8.10.0+1676+9b4b6e24.x86_64.rpm mecab-devel-0:0.996-2.module+el8.10.0+1676+9b4b6e24.x86_64.rpm mecab-ipadic-0:2.7.0.20070801-17.module+el8.10.0+1937+28fbbc83.src.rpm mecab-ipadic-0:2.7.0.20070801-17.module+el8.10.0+1937+28fbbc83.x86_64.rpm mecab-ipadic-EUCJP-0:2.7.0.20070801-17.module+el8.10.0+1937+28fbbc83.x86_64.rpm mysql-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.src.rpm mysql-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-common-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-debugsource-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-devel-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-devel-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-errmsg-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-libs-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-libs-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-server-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-server-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-test-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm mysql-test-debuginfo-0:8.0.41-1.module+el8.10.0+1937+28fbbc83.0.1.x86_64.rpm